Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-2657
Vulnerability from cvelistv5
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161; JRockit: R28.3.16 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T04:21:34.733Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "name": "RHSA-2018:0521", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "name": "RHSA-2018:0115", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "RHSA-2018:1812", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us" }, { "name": "RHSA-2018:1463", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "name": "RHSA-2018:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "name": "1040203", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040203" }, { "name": "RHSA-2018:0100", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "name": "102629", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102629" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2018-2657", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T19:12:40.369651Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T20:36:25.506Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Java", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Java SE: 6u171" }, { "status": "affected", "version": "7u161; JRockit: R28.3.16" } ] } ], "datePublic": "2018-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-03-15T09:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "name": "RHSA-2018:0521", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "name": "RHSA-2018:0115", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "RHSA-2018:1812", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us" }, { "name": "RHSA-2018:1463", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "name": "RHSA-2018:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "name": "1040203", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040203" }, { "name": "RHSA-2018:0100", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "name": "102629", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102629" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2018-2657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Java", "version": { "version_data": [ { "version_affected": "=", "version_value": "Java SE: 6u171" }, { "version_affected": "=", "version_value": "7u161; JRockit: R28.3.16" } ] } } ] }, "vendor_name": "Oracle Corporation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit." } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "https://security.netapp.com/advisory/ntap-20180117-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "name": "RHSA-2018:0521", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "name": "RHSA-2018:0115", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "RHSA-2018:1812", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us" }, { "name": "RHSA-2018:1463", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "name": "RHSA-2018:0458", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "name": "1040203", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040203" }, { "name": "RHSA-2018:0100", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "name": "102629", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102629" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2018-2657", "datePublished": "2018-01-18T02:00:00", "dateReserved": "2017-12-15T00:00:00", "dateUpdated": "2024-10-03T20:36:25.506Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-2657\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2018-01-18T02:29:21.743\",\"lastModified\":\"2024-11-21T04:04:10.243\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en los componentes Java SE, y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171 y 7u161; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE y JRockit. Nota: Esta vulnerabilidad s\u00f3lo puede ser explotada proporcionando datos a las API en los Componentes especificados sin emplear aplicaciones Java Web Start que no son de confianza o applets Java que no son de confianza, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB929C7D-A5EE-4603-9414-E535408B41A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"A86C2A04-A51C-403A-AAB5-81872453022D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F5FDBE-ED30-48A9-B130-A48309C7D2CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7283D6DD-DBFA-456F-9381-692B605B5625\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4840254-CC76-4113-BC61-360BD15582B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85EA16E0-9261-45C4-840F-5366E9EAC5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4F86C3C-B99C-44C6-97D7-163DC3F59687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.6.0\",\"matchCriteriaId\":\"6CB56955-1A47-4F6C-A354-8BBAE7534504\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.6.2-01\",\"matchCriteriaId\":\"F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.6.2-01\",\"matchCriteriaId\":\"DA653F23-232D-4086-B9A4-4D809C87D9F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.6.2-01\",\"matchCriteriaId\":\"E92000F8-241D-4731-809F-C1D32F99AF9A\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/102629\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040203\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0100\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0115\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0458\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0521\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1463\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1812\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180117-0001/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/102629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0100\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1463\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1812\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180117-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
gsd-2018-2657
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2018-2657", "description": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "id": "GSD-2018-2657", "references": [ "https://www.suse.com/security/cve/CVE-2018-2657.html", "https://access.redhat.com/errata/RHSA-2018:1812", "https://access.redhat.com/errata/RHSA-2018:1463", "https://access.redhat.com/errata/RHSA-2018:0521", "https://access.redhat.com/errata/RHSA-2018:0458", "https://access.redhat.com/errata/RHSA-2018:0115", "https://access.redhat.com/errata/RHSA-2018:0100" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2018-2657" ], "details": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "id": "GSD-2018-2657", "modified": "2023-12-13T01:22:31.793695Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2018-2657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Java", "version": { "version_data": [ { "version_affected": "=", "version_value": "Java SE: 6u171" }, { "version_affected": "=", "version_value": "7u161; JRockit: R28.3.16" } ] } } ] }, "vendor_name": "Oracle Corporation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit." } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "https://security.netapp.com/advisory/ntap-20180117-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "name": "RHSA-2018:0521", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "name": "RHSA-2018:0115", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "RHSA-2018:1812", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us" }, { "name": "RHSA-2018:1463", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "name": "RHSA-2018:0458", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "name": "1040203", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040203" }, { "name": "RHSA-2018:0100", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "name": "102629", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102629" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.6.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*", "cpe_name": [], "versionStartIncluding": "8.6.2-01", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*", "cpe_name": [], "versionStartIncluding": "8.6.2-01", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*", "cpe_name": [], "versionStartIncluding": "8.6.2-01", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2018-2657" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "https://security.netapp.com/advisory/ntap-20180117-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "name": "1040203", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040203" }, { "name": "102629", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/102629" }, { "name": "RHSA-2018:0100", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "name": "RHSA-2018:0115", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "name": "RHSA-2018:0458", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "name": "RHSA-2018:0521", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "name": "RHSA-2018:1463", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "name": "RHSA-2018:1812", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 1.4 } }, "lastModifiedDate": "2022-05-13T14:57Z", "publishedDate": "2018-01-18T02:29Z" } } }
rhsa-2018_0100
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 171.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2581, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0100", "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_171", "url": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_171" }, { "category": "external", "summary": "1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "1535354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0100.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-oracle security update", "tracking": { "current_release_date": "2024-11-15T02:06:24+00:00", "generator": { "date": "2024-11-15T02:06:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0100", "initial_release_date": "2018-01-18T21:55:56+00:00", "revision_history": [ { "date": "2018-01-18T21:55:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-01-18T21:55:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T02:06:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Desktop 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Server 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Workstation 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } } ], "category": "product_family", "name": "Oracle Java for Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "product_id": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-2579", "cwe": { "id": "CWE-567", "name": "Unsynchronized Access to Shared Data in a Multithreaded Context" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534298" } ], "notes": [ { "category": "description", "text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2579" }, { "category": "external", "summary": "RHBZ#1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)" }, { "cve": "CVE-2018-2581", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535354" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2581" }, { "category": "external", "summary": "RHBZ#1535354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2581", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2581" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)" }, { "cve": "CVE-2018-2588", "cwe": { "id": "CWE-90", "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534299" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2588" }, { "category": "external", "summary": "RHBZ#1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2588" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)" }, { "cve": "CVE-2018-2599", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534543" } ], "notes": [ { "category": "description", "text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2599" }, { "category": "external", "summary": "RHBZ#1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)" }, { "cve": "CVE-2018-2602", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534525" } ], "notes": [ { "category": "description", "text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2602" }, { "category": "external", "summary": "RHBZ#1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)" }, { "cve": "CVE-2018-2603", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534553" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2603" }, { "category": "external", "summary": "RHBZ#1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)" }, { "cve": "CVE-2018-2618", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534762" } ], "notes": [ { "category": "description", "text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2618" }, { "category": "external", "summary": "RHBZ#1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2618" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)" }, { "cve": "CVE-2018-2629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534625" } ], "notes": [ { "category": "description", "text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2629" }, { "category": "external", "summary": "RHBZ#1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)" }, { "cve": "CVE-2018-2633", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535036" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2633" }, { "category": "external", "summary": "RHBZ#1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)" }, { "cve": "CVE-2018-2634", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534943" } ], "notes": [ { "category": "description", "text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2634" }, { "category": "external", "summary": "RHBZ#1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2634" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)" }, { "cve": "CVE-2018-2637", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534970" } ], "notes": [ { "category": "description", "text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2637" }, { "category": "external", "summary": "RHBZ#1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)" }, { "cve": "CVE-2018-2641", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534766" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2641" }, { "category": "external", "summary": "RHBZ#1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2641" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)" }, { "cve": "CVE-2018-2657", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535353" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2657" }, { "category": "external", "summary": "RHBZ#1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)" }, { "cve": "CVE-2018-2663", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534296" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2663" }, { "category": "external", "summary": "RHBZ#1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)" }, { "cve": "CVE-2018-2677", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534288" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2677" }, { "category": "external", "summary": "RHBZ#1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)" }, { "cve": "CVE-2018-2678", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534263" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2678" }, { "category": "external", "summary": "RHBZ#1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)" }, { "cve": "CVE-2018-2783", "discovery_date": "2018-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1569204" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2783" }, { "category": "external", "summary": "RHBZ#1569204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569204" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2783", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2783" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2783", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2783" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA" } ], "release_date": "2018-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-18T21:55:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0100" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686", "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)" } ] }
rhsa-2018_1463
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP10.\n\nSecurity Fix(es):\n\n* IBM JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges (CVE-2018-1417)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2638)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2639)\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer) (CVE-2018-2627)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1463", "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "1534768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "category": "external", "summary": "1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "1535350", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535350" }, { "category": "external", "summary": "1535351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535351" }, { "category": "external", "summary": "1535352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535352" }, { "category": "external", "summary": "1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "1535354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "category": "external", "summary": "1568966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1463.json" } ], "title": "Red Hat Security Advisory: java-1.8.0-ibm security update", "tracking": { "current_release_date": "2024-11-15T02:08:06+00:00", "generator": { "date": "2024-11-15T02:08:06+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1463", "initial_release_date": "2018-05-15T15:30:51+00:00", "revision_history": [ { "date": "2018-05-15T15:30:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-15T15:30:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T02:08:06+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.8 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.8::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.10-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.10-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.10-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.10-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "product_id": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.10-1jpp.1.el6_9?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite58" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-1417", "discovery_date": "2018-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1568966" } ], "notes": [ { "category": "description", "text": "Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1417" }, { "category": "external", "summary": "RHBZ#1568966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1417", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417" }, { "category": "external", "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823" } ], "release_date": "2018-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges" }, { "cve": "CVE-2018-2579", "cwe": { "id": "CWE-567", "name": "Unsynchronized Access to Shared Data in a Multithreaded Context" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534298" } ], "notes": [ { "category": "description", "text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2579" }, { "category": "external", "summary": "RHBZ#1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)" }, { "cve": "CVE-2018-2581", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535354" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2581" }, { "category": "external", "summary": "RHBZ#1535354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2581", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2581" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)" }, { "cve": "CVE-2018-2582", "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534768" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2582" }, { "category": "external", "summary": "RHBZ#1534768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2582", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2582" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)" }, { "cve": "CVE-2018-2588", "cwe": { "id": "CWE-90", "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534299" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2588" }, { "category": "external", "summary": "RHBZ#1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2588" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)" }, { "cve": "CVE-2018-2599", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534543" } ], "notes": [ { "category": "description", "text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2599" }, { "category": "external", "summary": "RHBZ#1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)" }, { "cve": "CVE-2018-2602", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534525" } ], "notes": [ { "category": "description", "text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2602" }, { "category": "external", "summary": "RHBZ#1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)" }, { "cve": "CVE-2018-2603", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534553" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2603" }, { "category": "external", "summary": "RHBZ#1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)" }, { "cve": "CVE-2018-2618", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534762" } ], "notes": [ { "category": "description", "text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2618" }, { "category": "external", "summary": "RHBZ#1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2618" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)" }, { "cve": "CVE-2018-2627", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535352" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to the Windows installer only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2627" }, { "category": "external", "summary": "RHBZ#1535352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535352" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2627", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2627" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2627", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2627" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)" }, { "cve": "CVE-2018-2629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534625" } ], "notes": [ { "category": "description", "text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2629" }, { "category": "external", "summary": "RHBZ#1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)" }, { "cve": "CVE-2018-2633", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535036" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2633" }, { "category": "external", "summary": "RHBZ#1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)" }, { "cve": "CVE-2018-2634", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534943" } ], "notes": [ { "category": "description", "text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2634" }, { "category": "external", "summary": "RHBZ#1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2634" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)" }, { "cve": "CVE-2018-2637", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534970" } ], "notes": [ { "category": "description", "text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2637" }, { "category": "external", "summary": "RHBZ#1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)" }, { "cve": "CVE-2018-2638", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535350" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2638" }, { "category": "external", "summary": "RHBZ#1535350", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535350" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2638", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2638" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2638", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2638" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)" }, { "cve": "CVE-2018-2639", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535351" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2639" }, { "category": "external", "summary": "RHBZ#1535351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535351" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2639", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2639" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2639", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2639" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)" }, { "cve": "CVE-2018-2641", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534766" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2641" }, { "category": "external", "summary": "RHBZ#1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2641" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)" }, { "cve": "CVE-2018-2657", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535353" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2657" }, { "category": "external", "summary": "RHBZ#1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)" }, { "cve": "CVE-2018-2663", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534296" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2663" }, { "category": "external", "summary": "RHBZ#1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)" }, { "cve": "CVE-2018-2677", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534288" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2677" }, { "category": "external", "summary": "RHBZ#1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)" }, { "cve": "CVE-2018-2678", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534263" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2678" }, { "category": "external", "summary": "RHBZ#1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-15T15:30:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)" } ] }
rhsa-2018_1812
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.1-ibm is now available for Red Hat Satellite 5.6 and Red Hat Satellite 5.7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1812", "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "1535354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1812.json" } ], "title": "Red Hat Security Advisory: java-1.7.1-ibm security update", "tracking": { "current_release_date": "2024-11-15T02:10:01+00:00", "generator": { "date": "2024-11-15T02:10:01+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1812", "initial_release_date": "2018-06-07T16:05:05+00:00", "revision_history": [ { "date": "2018-06-07T16:05:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-06-07T16:05:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T02:10:01+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.7::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite57" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-2579", "cwe": { "id": "CWE-567", "name": "Unsynchronized Access to Shared Data in a Multithreaded Context" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534298" } ], "notes": [ { "category": "description", "text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2579" }, { "category": "external", "summary": "RHBZ#1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)" }, { "cve": "CVE-2018-2581", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535354" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2581" }, { "category": "external", "summary": "RHBZ#1535354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2581", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2581" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)" }, { "cve": "CVE-2018-2588", "cwe": { "id": "CWE-90", "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534299" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2588" }, { "category": "external", "summary": "RHBZ#1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2588" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)" }, { "cve": "CVE-2018-2599", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534543" } ], "notes": [ { "category": "description", "text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2599" }, { "category": "external", "summary": "RHBZ#1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)" }, { "cve": "CVE-2018-2602", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534525" } ], "notes": [ { "category": "description", "text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2602" }, { "category": "external", "summary": "RHBZ#1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)" }, { "cve": "CVE-2018-2603", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534553" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2603" }, { "category": "external", "summary": "RHBZ#1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)" }, { "cve": "CVE-2018-2618", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534762" } ], "notes": [ { "category": "description", "text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2618" }, { "category": "external", "summary": "RHBZ#1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2618" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)" }, { "cve": "CVE-2018-2629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534625" } ], "notes": [ { "category": "description", "text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2629" }, { "category": "external", "summary": "RHBZ#1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)" }, { "cve": "CVE-2018-2633", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535036" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2633" }, { "category": "external", "summary": "RHBZ#1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)" }, { "cve": "CVE-2018-2634", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534943" } ], "notes": [ { "category": "description", "text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2634" }, { "category": "external", "summary": "RHBZ#1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2634" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)" }, { "cve": "CVE-2018-2637", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534970" } ], "notes": [ { "category": "description", "text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2637" }, { "category": "external", "summary": "RHBZ#1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)" }, { "cve": "CVE-2018-2641", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534766" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2641" }, { "category": "external", "summary": "RHBZ#1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2641" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)" }, { "cve": "CVE-2018-2657", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535353" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2657" }, { "category": "external", "summary": "RHBZ#1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)" }, { "cve": "CVE-2018-2663", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534296" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2663" }, { "category": "external", "summary": "RHBZ#1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)" }, { "cve": "CVE-2018-2677", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534288" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2677" }, { "category": "external", "summary": "RHBZ#1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)" }, { "cve": "CVE-2018-2678", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534263" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2678" }, { "category": "external", "summary": "RHBZ#1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-07T16:05:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)" } ] }
rhsa-2018_0521
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0521", "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "1534768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "category": "external", "summary": "1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0521.json" } ], "title": "Red Hat Security Advisory: java-1.7.1-ibm security update", "tracking": { "current_release_date": "2024-11-15T02:07:13+00:00", "generator": { "date": "2024-11-15T02:07:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0521", "initial_release_date": "2018-03-14T15:23:31+00:00", "revision_history": [ { "date": "2018-03-14T15:23:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-03-14T15:23:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T02:07:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-1417", "discovery_date": "2018-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1568966" } ], "notes": [ { "category": "description", "text": "Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1417" }, { "category": "external", "summary": "RHBZ#1568966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1417", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417" }, { "category": "external", "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823" } ], "release_date": "2018-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges" }, { "cve": "CVE-2018-2579", "cwe": { "id": "CWE-567", "name": "Unsynchronized Access to Shared Data in a Multithreaded Context" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534298" } ], "notes": [ { "category": "description", "text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2579" }, { "category": "external", "summary": "RHBZ#1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)" }, { "cve": "CVE-2018-2582", "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534768" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2582" }, { "category": "external", "summary": "RHBZ#1534768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2582", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2582" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)" }, { "cve": "CVE-2018-2588", "cwe": { "id": "CWE-90", "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534299" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2588" }, { "category": "external", "summary": "RHBZ#1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2588" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)" }, { "cve": "CVE-2018-2599", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534543" } ], "notes": [ { "category": "description", "text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2599" }, { "category": "external", "summary": "RHBZ#1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)" }, { "cve": "CVE-2018-2602", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534525" } ], "notes": [ { "category": "description", "text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2602" }, { "category": "external", "summary": "RHBZ#1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)" }, { "cve": "CVE-2018-2603", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534553" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2603" }, { "category": "external", "summary": "RHBZ#1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)" }, { "cve": "CVE-2018-2618", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534762" } ], "notes": [ { "category": "description", "text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2618" }, { "category": "external", "summary": "RHBZ#1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2618" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)" }, { "cve": "CVE-2018-2633", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535036" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2633" }, { "category": "external", "summary": "RHBZ#1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)" }, { "cve": "CVE-2018-2634", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534943" } ], "notes": [ { "category": "description", "text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2634" }, { "category": "external", "summary": "RHBZ#1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2634" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)" }, { "cve": "CVE-2018-2637", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534970" } ], "notes": [ { "category": "description", "text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2637" }, { "category": "external", "summary": "RHBZ#1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)" }, { "cve": "CVE-2018-2641", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534766" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2641" }, { "category": "external", "summary": "RHBZ#1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2641" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)" }, { "cve": "CVE-2018-2657", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535353" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2657" }, { "category": "external", "summary": "RHBZ#1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)" }, { "cve": "CVE-2018-2663", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534296" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2663" }, { "category": "external", "summary": "RHBZ#1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)" }, { "cve": "CVE-2018-2677", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534288" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2677" }, { "category": "external", "summary": "RHBZ#1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)" }, { "cve": "CVE-2018-2678", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534263" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2678" }, { "category": "external", "summary": "RHBZ#1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-14T15:23:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0521" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)" } ] }
rhsa-2018_0458
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0458", "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "1534768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "category": "external", "summary": "1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0458.json" } ], "title": "Red Hat Security Advisory: java-1.7.1-ibm security update", "tracking": { "current_release_date": "2024-11-15T02:06:53+00:00", "generator": { "date": "2024-11-15T02:06:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0458", "initial_release_date": "2018-03-07T10:33:13+00:00", "revision_history": [ { "date": "2018-03-07T10:33:13+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-03-07T10:33:13+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T02:06:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.1.el7?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-1417", "discovery_date": "2018-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1568966" } ], "notes": [ { "category": "description", "text": "Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1417" }, { "category": "external", "summary": "RHBZ#1568966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1417", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417" }, { "category": "external", "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823" } ], "release_date": "2018-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges" }, { "cve": "CVE-2018-2579", "cwe": { "id": "CWE-567", "name": "Unsynchronized Access to Shared Data in a Multithreaded Context" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534298" } ], "notes": [ { "category": "description", "text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2579" }, { "category": "external", "summary": "RHBZ#1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)" }, { "cve": "CVE-2018-2582", "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534768" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2582" }, { "category": "external", "summary": "RHBZ#1534768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2582", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2582" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)" }, { "cve": "CVE-2018-2588", "cwe": { "id": "CWE-90", "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534299" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2588" }, { "category": "external", "summary": "RHBZ#1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2588" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)" }, { "cve": "CVE-2018-2599", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534543" } ], "notes": [ { "category": "description", "text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2599" }, { "category": "external", "summary": "RHBZ#1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)" }, { "cve": "CVE-2018-2602", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534525" } ], "notes": [ { "category": "description", "text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2602" }, { "category": "external", "summary": "RHBZ#1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)" }, { "cve": "CVE-2018-2603", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534553" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2603" }, { "category": "external", "summary": "RHBZ#1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)" }, { "cve": "CVE-2018-2618", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534762" } ], "notes": [ { "category": "description", "text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2618" }, { "category": "external", "summary": "RHBZ#1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2618" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)" }, { "cve": "CVE-2018-2633", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535036" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2633" }, { "category": "external", "summary": "RHBZ#1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)" }, { "cve": "CVE-2018-2634", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534943" } ], "notes": [ { "category": "description", "text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2634" }, { "category": "external", "summary": "RHBZ#1534943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2634" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)" }, { "cve": "CVE-2018-2637", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534970" } ], "notes": [ { "category": "description", "text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2637" }, { "category": "external", "summary": "RHBZ#1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)" }, { "cve": "CVE-2018-2641", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534766" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2641" }, { "category": "external", "summary": "RHBZ#1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2641" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)" }, { "cve": "CVE-2018-2657", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535353" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2657" }, { "category": "external", "summary": "RHBZ#1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)" }, { "cve": "CVE-2018-2663", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534296" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2663" }, { "category": "external", "summary": "RHBZ#1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)" }, { "cve": "CVE-2018-2677", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534288" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2677" }, { "category": "external", "summary": "RHBZ#1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)" }, { "cve": "CVE-2018-2678", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534263" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2678" }, { "category": "external", "summary": "RHBZ#1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-07T10:33:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0458" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)" } ] }
rhsa-2018_0115
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 6 to version 6 Update 181.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0115", "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_181", "url": "http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_181" }, { "category": "external", "summary": "1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0115.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-sun security update", "tracking": { "current_release_date": "2024-11-15T02:06:29+00:00", "generator": { "date": "2024-11-15T02:06:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0115", "initial_release_date": "2018-01-22T20:40:50+00:00", "revision_history": [ { "date": "2018-01-22T20:40:50+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-01-22T20:40:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T02:06:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Desktop 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Server 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Workstation 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } } ], "category": "product_family", "name": "Oracle Java for Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "product": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.2.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.2.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "product": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "product_id": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "product_id": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-2579", "cwe": { "id": "CWE-567", "name": "Unsynchronized Access to Shared Data in a Multithreaded Context" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534298" } ], "notes": [ { "category": "description", "text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2579" }, { "category": "external", "summary": "RHBZ#1534298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)" }, { "cve": "CVE-2018-2588", "cwe": { "id": "CWE-90", "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534299" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2588" }, { "category": "external", "summary": "RHBZ#1534299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2588" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)" }, { "cve": "CVE-2018-2599", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534543" } ], "notes": [ { "category": "description", "text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2599" }, { "category": "external", "summary": "RHBZ#1534543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)" }, { "cve": "CVE-2018-2602", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534525" } ], "notes": [ { "category": "description", "text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2602" }, { "category": "external", "summary": "RHBZ#1534525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)" }, { "cve": "CVE-2018-2603", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534553" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2603" }, { "category": "external", "summary": "RHBZ#1534553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)" }, { "cve": "CVE-2018-2618", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534762" } ], "notes": [ { "category": "description", "text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2618" }, { "category": "external", "summary": "RHBZ#1534762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2618" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)" }, { "cve": "CVE-2018-2629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534625" } ], "notes": [ { "category": "description", "text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2629" }, { "category": "external", "summary": "RHBZ#1534625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)" }, { "cve": "CVE-2018-2633", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535036" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2633" }, { "category": "external", "summary": "RHBZ#1535036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)" }, { "cve": "CVE-2018-2637", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534970" } ], "notes": [ { "category": "description", "text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2637" }, { "category": "external", "summary": "RHBZ#1534970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)" }, { "cve": "CVE-2018-2641", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534766" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2641" }, { "category": "external", "summary": "RHBZ#1534766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2641" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)" }, { "cve": "CVE-2018-2657", "discovery_date": "2018-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535353" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2657" }, { "category": "external", "summary": "RHBZ#1535353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)" }, { "cve": "CVE-2018-2663", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534296" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2663" }, { "category": "external", "summary": "RHBZ#1534296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)" }, { "cve": "CVE-2018-2677", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534288" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2677" }, { "category": "external", "summary": "RHBZ#1534288", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)" }, { "cve": "CVE-2018-2678", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534263" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-2678" }, { "category": "external", "summary": "RHBZ#1534263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678", "url": "https://www.cve.org/CVERecord?id=CVE-2018-2678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678" } ], "release_date": "2018-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-22T20:40:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0115" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)" } ] }
ghsa-qq7j-frwj-qh26
Vulnerability from github
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
{ "affected": [], "aliases": [ "CVE-2018-2657" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2018-01-18T02:29:00Z", "severity": "MODERATE" }, "details": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "id": "GHSA-qq7j-frwj-qh26", "modified": "2022-05-13T01:16:55Z", "published": "2022-05-13T01:16:55Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1812" }, { "type": "WEB", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20180117-0001" }, { "type": "WEB", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/102629" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1040203" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "type": "CVSS_V3" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.