Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-8328 (GCVE-0-2016-8328)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-10-09 19:55
VLAI?
EPSS
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).
Severity ?
No CVSS data available.
CWE
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:30.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "95581",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-8328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:30:47.507511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T19:55:30.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u112"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "95581",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-8328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "8u112"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "95581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95581"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-8328",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-09-26T00:00:00",
"dateUpdated": "2024-10-09T19:55:30.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEB76EC4-557F-4C67-BE1E-79E837043B05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AA3E574-DC5D-465B-95B8-CD1AF5433646\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Java Mission Control). La versi\\u00f3n compatible que est\\u00e1 afectada es Java SE: 8u112. Vulnerabilidad dif\\u00edcil de explotar permite a atacante no autenticado con acceso a la red a trav\\u00e9s de m\\u00faltiples protocolos, comprometer Java SE.Ataques exitosos de esta vulnerabilidad pueden resultar en actualizaci\\u00f3n no autorizada, inserci\\u00f3n o borrado de acceso a algunos datos accesibles de Java SE. Nota: Aplica a Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Impactos de Integridad).\"}]",
"id": "CVE-2016-8328",
"lastModified": "2024-11-21T02:59:10.237",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-01-27T22:59:01.787",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/95581\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/95581\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-8328\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2017-01-27T22:59:01.787\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Java Mission Control). La versi\u00f3n compatible que est\u00e1 afectada es Java SE: 8u112. Vulnerabilidad dif\u00edcil de explotar permite a atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE.Ataques exitosos de esta vulnerabilidad pueden resultar en actualizaci\u00f3n no autorizada, inserci\u00f3n o borrado de acceso a algunos datos accesibles de Java SE. Nota: Aplica a Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Impactos de Integridad).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEB76EC4-557F-4C67-BE1E-79E837043B05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA3E574-DC5D-465B-95B8-CD1AF5433646\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0175.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95581\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037637\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://security.gentoo.org/glsa/201701-65\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20170119-0001/\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0175.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201701-65\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20170119-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"name\": \"GLSA-201701-65\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"name\": \"1037637\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"name\": \"RHSA-2017:0175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/95581\", \"name\": \"95581\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T02:20:30.756Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-8328\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-09T19:30:47.507511Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-09T19:31:11.167Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Oracle\", \"product\": \"Java SE\", \"versions\": [{\"status\": \"affected\", \"version\": \"8u112\"}]}], \"datePublic\": \"2017-01-17T00:00:00\", \"references\": [{\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"name\": \"GLSA-201701-65\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"name\": \"1037637\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"name\": \"RHSA-2017:0175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/95581\", \"name\": \"95581\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2018-01-04T19:57:01\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"8u112\"}]}, \"product_name\": \"Java SE\"}]}, \"vendor_name\": \"Oracle\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"name\": \"GLSA-201701-65\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"name\": \"1037637\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"name\": \"RHSA-2017:0175\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/95581\", \"name\": \"95581\", \"refsource\": \"BID\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-8328\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2016-8328\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-09T19:55:30.982Z\", \"dateReserved\": \"2016-09-26T00:00:00\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2017-01-27T22:01:00\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-VV9Q-Q5QM-V3XG
Vulnerability from github – Published: 2022-05-14 03:55 – Updated: 2025-04-20 03:31
VLAI?
Details
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).
Severity ?
{
"affected": [],
"aliases": [
"CVE-2016-8328"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-01-27T22:59:00Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).",
"id": "GHSA-vv9q-q5qm-v3xg",
"modified": "2025-04-20T03:31:39Z",
"published": "2022-05-14T03:55:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95581"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037637"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
CERTFR-2017-AVI-017
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java SE Embedded version 8u111",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE versions 6u131, 7u121 et 8u112",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "JRockit version R28.3.12",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3259"
},
{
"name": "CVE-2016-5549",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5549"
},
{
"name": "CVE-2016-5547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5547"
},
{
"name": "CVE-2017-3289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3289"
},
{
"name": "CVE-2016-8328",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8328"
},
{
"name": "CVE-2016-5552",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5552"
},
{
"name": "CVE-2017-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3272"
},
{
"name": "CVE-2017-3261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3261"
},
{
"name": "CVE-2017-3260",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3260"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2016-5548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5548"
},
{
"name": "CVE-2017-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3253"
},
{
"name": "CVE-2017-3241",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3241"
},
{
"name": "CVE-2016-5546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5546"
},
{
"name": "CVE-2017-3231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3231"
},
{
"name": "CVE-2017-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3262"
},
{
"name": "CVE-2017-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3252"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017-2881727 du 17 janvier 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017verbose-2881728 du 17 janvier 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017verbose-2881728.html#JAVA"
}
],
"reference": "CERTFR-2017-AVI-017",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-01-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Java SE\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017verbose-2881728 du 17 janvier 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017-2881727 du 17 janvier 2017",
"url": null
}
]
}
CERTFR-2017-AVI-017
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java SE Embedded version 8u111",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE versions 6u131, 7u121 et 8u112",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "JRockit version R28.3.12",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3259"
},
{
"name": "CVE-2016-5549",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5549"
},
{
"name": "CVE-2016-5547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5547"
},
{
"name": "CVE-2017-3289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3289"
},
{
"name": "CVE-2016-8328",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8328"
},
{
"name": "CVE-2016-5552",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5552"
},
{
"name": "CVE-2017-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3272"
},
{
"name": "CVE-2017-3261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3261"
},
{
"name": "CVE-2017-3260",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3260"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2016-5548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5548"
},
{
"name": "CVE-2017-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3253"
},
{
"name": "CVE-2017-3241",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3241"
},
{
"name": "CVE-2016-5546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5546"
},
{
"name": "CVE-2017-3231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3231"
},
{
"name": "CVE-2017-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3262"
},
{
"name": "CVE-2017-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3252"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017-2881727 du 17 janvier 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017verbose-2881728 du 17 janvier 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017verbose-2881728.html#JAVA"
}
],
"reference": "CERTFR-2017-AVI-017",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-01-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Java SE\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017verbose-2881728 du 17 janvier 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017-2881727 du 17 janvier 2017",
"url": null
}
]
}
RHSA-2017_0175
Vulnerability from csaf_redhat - Published: 2017-01-19 13:59 - Updated: 2024-11-14 22:38Summary
Red Hat Security Advisory: java-1.8.0-oracle security update
Notes
Topic
An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 8 to version 8 Update 121.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289)
This update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 121.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289)\n\nThis update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0175",
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html",
"url": "http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1413554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554"
},
{
"category": "external",
"summary": "1413562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562"
},
{
"category": "external",
"summary": "1413583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583"
},
{
"category": "external",
"summary": "1413653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653"
},
{
"category": "external",
"summary": "1413717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717"
},
{
"category": "external",
"summary": "1413764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764"
},
{
"category": "external",
"summary": "1413882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882"
},
{
"category": "external",
"summary": "1413906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906"
},
{
"category": "external",
"summary": "1413911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911"
},
{
"category": "external",
"summary": "1413920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920"
},
{
"category": "external",
"summary": "1413923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923"
},
{
"category": "external",
"summary": "1413955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955"
},
{
"category": "external",
"summary": "1414162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414162"
},
{
"category": "external",
"summary": "1414163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163"
},
{
"category": "external",
"summary": "1414164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414164"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0175.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-oracle security update",
"tracking": {
"current_release_date": "2024-11-14T22:38:37+00:00",
"generator": {
"date": "2024-11-14T22:38:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:0175",
"initial_release_date": "2017-01-19T13:59:09+00:00",
"revision_history": [
{
"date": "2017-01-19T13:59:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T14:50:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T22:38:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5546",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413911"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5546"
},
{
"category": "external",
"summary": "RHBZ#1413911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)"
},
{
"cve": "CVE-2016-5547",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413764"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5547"
},
{
"category": "external",
"summary": "RHBZ#1413764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)"
},
{
"cve": "CVE-2016-5548",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413920"
}
],
"notes": [
{
"category": "description",
"text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5548"
},
{
"category": "external",
"summary": "RHBZ#1413920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)"
},
{
"cve": "CVE-2016-5549",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413923"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5549"
},
{
"category": "external",
"summary": "RHBZ#1413923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)"
},
{
"cve": "CVE-2016-5552",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413882"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5552"
},
{
"category": "external",
"summary": "RHBZ#1413882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)"
},
{
"cve": "CVE-2016-8328",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414164"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8328"
},
{
"category": "external",
"summary": "RHBZ#1414164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414164"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8328",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8328"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)"
},
{
"cve": "CVE-2017-3231",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413717"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3231"
},
{
"category": "external",
"summary": "RHBZ#1413717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3231"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)"
},
{
"cve": "CVE-2017-3241",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413955"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3241"
},
{
"category": "external",
"summary": "RHBZ#1413955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)"
},
{
"cve": "CVE-2017-3252",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413906"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3252"
},
{
"category": "external",
"summary": "RHBZ#1413906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)"
},
{
"cve": "CVE-2017-3253",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413583"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3253"
},
{
"category": "external",
"summary": "RHBZ#1413583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)"
},
{
"cve": "CVE-2017-3259",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414163"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3259"
},
{
"category": "external",
"summary": "RHBZ#1414163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)"
},
{
"cve": "CVE-2017-3261",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413653"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3261"
},
{
"category": "external",
"summary": "RHBZ#1413653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3261"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)"
},
{
"cve": "CVE-2017-3262",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414162"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3262"
},
{
"category": "external",
"summary": "RHBZ#1414162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3262"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)"
},
{
"cve": "CVE-2017-3272",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413554"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3272"
},
{
"category": "external",
"summary": "RHBZ#1413554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3272"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)"
},
{
"cve": "CVE-2017-3289",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413562"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insecure class construction (Hotspot, 8167104)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3289"
},
{
"category": "external",
"summary": "RHBZ#1413562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insecure class construction (Hotspot, 8167104)"
}
]
}
RHSA-2017:0175
Vulnerability from csaf_redhat - Published: 2017-01-19 13:59 - Updated: 2025-11-21 17:59Summary
Red Hat Security Advisory: java-1.8.0-oracle security update
Notes
Topic
An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 8 to version 8 Update 121.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289)
This update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 121.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289)\n\nThis update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0175",
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html",
"url": "http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1413554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554"
},
{
"category": "external",
"summary": "1413562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562"
},
{
"category": "external",
"summary": "1413583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583"
},
{
"category": "external",
"summary": "1413653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653"
},
{
"category": "external",
"summary": "1413717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717"
},
{
"category": "external",
"summary": "1413764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764"
},
{
"category": "external",
"summary": "1413882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882"
},
{
"category": "external",
"summary": "1413906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906"
},
{
"category": "external",
"summary": "1413911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911"
},
{
"category": "external",
"summary": "1413920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920"
},
{
"category": "external",
"summary": "1413923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923"
},
{
"category": "external",
"summary": "1413955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955"
},
{
"category": "external",
"summary": "1414162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414162"
},
{
"category": "external",
"summary": "1414163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163"
},
{
"category": "external",
"summary": "1414164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414164"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0175.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-oracle security update",
"tracking": {
"current_release_date": "2025-11-21T17:59:10+00:00",
"generator": {
"date": "2025-11-21T17:59:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:0175",
"initial_release_date": "2017-01-19T13:59:09+00:00",
"revision_history": [
{
"date": "2017-01-19T13:59:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T14:50:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:59:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5546",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413911"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5546"
},
{
"category": "external",
"summary": "RHBZ#1413911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)"
},
{
"cve": "CVE-2016-5547",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413764"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5547"
},
{
"category": "external",
"summary": "RHBZ#1413764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)"
},
{
"cve": "CVE-2016-5548",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413920"
}
],
"notes": [
{
"category": "description",
"text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5548"
},
{
"category": "external",
"summary": "RHBZ#1413920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)"
},
{
"cve": "CVE-2016-5549",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413923"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5549"
},
{
"category": "external",
"summary": "RHBZ#1413923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)"
},
{
"cve": "CVE-2016-5552",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413882"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5552"
},
{
"category": "external",
"summary": "RHBZ#1413882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)"
},
{
"cve": "CVE-2016-8328",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414164"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8328"
},
{
"category": "external",
"summary": "RHBZ#1414164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414164"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8328",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8328"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)"
},
{
"cve": "CVE-2017-3231",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413717"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3231"
},
{
"category": "external",
"summary": "RHBZ#1413717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3231"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)"
},
{
"cve": "CVE-2017-3241",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413955"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3241"
},
{
"category": "external",
"summary": "RHBZ#1413955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)"
},
{
"cve": "CVE-2017-3252",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413906"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3252"
},
{
"category": "external",
"summary": "RHBZ#1413906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)"
},
{
"cve": "CVE-2017-3253",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413583"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3253"
},
{
"category": "external",
"summary": "RHBZ#1413583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)"
},
{
"cve": "CVE-2017-3259",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414163"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3259"
},
{
"category": "external",
"summary": "RHBZ#1414163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)"
},
{
"cve": "CVE-2017-3261",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413653"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3261"
},
{
"category": "external",
"summary": "RHBZ#1413653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3261"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)"
},
{
"cve": "CVE-2017-3262",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414162"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3262"
},
{
"category": "external",
"summary": "RHBZ#1414162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3262"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)"
},
{
"cve": "CVE-2017-3272",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413554"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3272"
},
{
"category": "external",
"summary": "RHBZ#1413554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3272"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)"
},
{
"cve": "CVE-2017-3289",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413562"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insecure class construction (Hotspot, 8167104)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3289"
},
{
"category": "external",
"summary": "RHBZ#1413562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insecure class construction (Hotspot, 8167104)"
}
]
}
GSD-2016-8328
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-8328",
"description": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).",
"id": "GSD-2016-8328",
"references": [
"https://www.suse.com/security/cve/CVE-2016-8328.html",
"https://access.redhat.com/errata/RHSA-2017:0175",
"https://packetstormsecurity.com/files/cve/CVE-2016-8328"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-8328"
],
"details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).",
"id": "GSD-2016-8328",
"modified": "2023-12-13T01:21:22.337303Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-8328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "8u112"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "95581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95581"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-8328"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "95581",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95581"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
},
"lastModifiedDate": "2018-01-05T02:31Z",
"publishedDate": "2017-01-27T22:59Z"
}
}
}
FKIE_CVE-2016-8328
Vulnerability from fkie_nvd - Published: 2017-01-27 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Java Mission Control). La versi\u00f3n compatible que est\u00e1 afectada es Java SE: 8u112. Vulnerabilidad dif\u00edcil de explotar permite a atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE.Ataques exitosos de esta vulnerabilidad pueden resultar en actualizaci\u00f3n no autorizada, inserci\u00f3n o borrado de acceso a algunos datos accesibles de Java SE. Nota: Aplica a Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Impactos de Integridad)."
}
],
"id": "CVE-2016-8328",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:01.787",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95581"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2017-00936
Vulnerability from cnvd - Published: 2017-02-05
VLAI Severity ?
Title
Oracle Java SE存在未明漏洞(CNVD-2017-00936)
Description
Oracle Java SE是美国甲骨文(Oracle)公司的产品。Java SE(Java 平台标准版)用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE 8u112版本存在远程安全漏洞。攻击者可通过多个协议利用该漏洞使'Java Mission Control'子组件受到影响。
Severity
中
Patch Name
Oracle Java SE存在未明漏洞(CNVD-2017-00936)的补丁
Patch Description
Oracle Java SE是美国甲骨文(Oracle)公司的产品。Java SE(Java 平台标准版)用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE 8u112版本存在远程安全漏洞。攻击者可通过多个协议利用该漏洞使'Java Mission Control'子组件受到影响。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
Reference
http://www.securityfocus.com/bid/95581
Impacted products
| Name | Oracle Java SE 8u112 |
|---|
{
"bids": {
"bid": {
"bidNumber": "95581"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2016-8328",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8328"
}
},
"description": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Java SE\uff08Java \u5e73\u53f0\u6807\u51c6\u7248\uff09\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE 8u112\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u591a\u4e2a\u534f\u8bae\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u0027Java Mission Control\u0027\u5b50\u7ec4\u4ef6\u53d7\u5230\u5f71\u54cd\u3002",
"discovererName": "Oracle",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-00936",
"openTime": "2017-02-05",
"patchDescription": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Java SE\uff08Java \u5e73\u53f0\u6807\u51c6\u7248\uff09\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE 8u112\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u591a\u4e2a\u534f\u8bae\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u0027Java Mission Control\u0027\u5b50\u7ec4\u4ef6\u53d7\u5230\u5f71\u54cd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Oracle Java SE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2017-00936\uff09\u7684\u8865\u4e01",
"products": {
"product": "Oracle Java SE 8u112"
},
"referenceLink": "http://www.securityfocus.com/bid/95581",
"serverity": "\u4e2d",
"submitTime": "2017-01-20",
"title": "Oracle Java SE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2017-00936\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…