Action not permitted
Modal body text goes here.
cve-2017-10309
Vulnerability from cvelistv5
▼ | URL | Tags | |
---|---|---|---|
secalert_us@oracle.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Patch, Vendor Advisory | |
secalert_us@oracle.com | http://www.securityfocus.com/bid/101328 | Broken Link | |
secalert_us@oracle.com | http://www.securitytracker.com/id/1039596 | Broken Link | |
secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:2999 | Third Party Advisory | |
secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:3264 | Third Party Advisory | |
secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:3267 | Third Party Advisory | |
secalert_us@oracle.com | https://access.redhat.com/errata/RHSA-2017:3453 | Third Party Advisory | |
secalert_us@oracle.com | https://security.gentoo.org/glsa/201710-31 | Third Party Advisory | |
secalert_us@oracle.com | https://security.netapp.com/advisory/ntap-20171019-0001/ | Third Party Advisory | |
secalert_us@oracle.com | https://www.exploit-db.com/exploits/43103/ | Exploit, Third Party Advisory, VDB Entry |
▼ | Vendor | Product |
---|---|---|
Oracle Corporation | Java |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T17:41:54.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "101328", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/101328" }, { "name": "RHSA-2017:3267", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "1039596", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039596" }, { "name": "43103", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/43103/" }, { "name": "GLSA-201710-31", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "name": "RHSA-2017:3264", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "name": "RHSA-2017:3453", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "name": "RHSA-2017:2999", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2017-10309", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-04T15:45:13.387759Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-04T16:53:38.783Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Java", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Java SE: 8u144" }, { "status": "affected", "version": "9" } ] } ], "datePublic": "2017-10-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)." } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-14T10:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "101328", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/101328" }, { "name": "RHSA-2017:3267", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "1039596", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039596" }, { "name": "43103", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/43103/" }, { "name": "GLSA-201710-31", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "name": "RHSA-2017:3264", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "name": "RHSA-2017:3453", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "name": "RHSA-2017:2999", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2017-10309", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Java", "version": { "version_data": [ { "version_affected": "=", "version_value": "Java SE: 8u144" }, { "version_affected": "=", "version_value": "9" } ] } } ] }, "vendor_name": "Oracle Corporation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE." } ] } ] }, "references": { "reference_data": [ { "name": "101328", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101328" }, { "name": "RHSA-2017:3267", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "1039596", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039596" }, { "name": "43103", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/43103/" }, { "name": "GLSA-201710-31", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-31" }, { "name": "RHSA-2017:3264", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "name": "RHSA-2017:3453", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "name": "https://security.netapp.com/advisory/ntap-20171019-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "name": "RHSA-2017:2999", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2017-10309", "datePublished": "2017-10-19T17:00:00", "dateReserved": "2017-06-21T00:00:00", "dateUpdated": "2024-10-04T16:53:38.783Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-10309\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2017-10-19T17:29:02.733\",\"lastModified\":\"2022-08-12T18:04:48.053\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Deployment). Las versiones compatibles que se han visto afectadas son Java SE: 8u144 y 9. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante y, aunque la vulnerabilidad est\u00e1 presente en Java SE, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado de actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de Java SE, as\u00ed como el acceso de lectura sin autorizaci\u00f3n de un subconjunto de datos accesibles de Java SE y la capacidad no autorizada de provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE. Nota: Esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en la sandbox de aislado Java para protegerse. Esta vulnerabilidad no se aplica a implementaciones Java, normalmente en servidores, que solo cargan y ejecutan c\u00f3digo de confianza (por ejemplo, c\u00f3digo instalado por un administrador). CVSS 3.0 Base Score 7.1 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D36F2A6-1329-4D74-BADC-C22D46CF7CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"270968EC-7662-41E1-BA9B-D259BEC53A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC055BA-0D21-4D2B-AC9B-B81B8468860C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66910F84-DDFD-4BA8-BE7F-44EB5E3F9C3D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4F86C3C-B99C-44C6-97D7-163DC3F59687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.3\",\"matchCriteriaId\":\"BD075607-09B7-493E-8611-66D041FFDA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"9.5\",\"matchCriteriaId\":\"0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*\",\"matchCriteriaId\":\"280520BC-070C-4423-A633-E6FE45E53D57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndIncluding\":\"11.70.1\",\"matchCriteriaId\":\"73F81EC3-4AB0-4CD7-B845-267C5974DE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9CC59D-6182-4B5E-96B5-226FCD343916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*\",\"matchCriteriaId\":\"1AEFF829-A8F2-4041-8DDF-E705DB3ADED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DF4B3F-4BBC-42B7-B729-096934523D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"698C6261-679D-45C1-A396-57AC96AD64D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BD81527-A341-42C3-9AB9-880D3DB04B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*\",\"versionEndIncluding\":\"7.1\",\"matchCriteriaId\":\"E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*\",\"versionEndIncluding\":\"7.1\",\"matchCriteriaId\":\"1A79A7B7-2CE9-4F5E-B76D-01A882C66226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*\",\"matchCriteriaId\":\"3FA5E22C-489B-4C5F-A5F3-C03F45CA8811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE0A9D2-9A49-4BF6-BC6F-8249162D8334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\",\"matchCriteriaId\":\"26A2B713-7D6D-420A-93A4-E0D983C983DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"64DE38C8-94F1-4860-B045-F33928F676A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E94F7F59-1785-493F-91A7-5F5EA5E87E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"6BF60DAD-DAA2-4543-B82E-8E17F7B1DA06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"1E35D95E-CCBF-4335-A4DB-02218BA172DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"13270F58-E106-48CE-9933-E68AABBBFC21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"923F6B82-6A8B-4994-89F6-C430775D5234\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"7.2\",\"matchCriteriaId\":\"B7B42CB6-3C14-4183-AFA8-C3682F8B54AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"2AA40F7F-504D-47A9-9778-EC4CE46EB8BF\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/101328\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id/1039596\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2999\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3264\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3267\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3453\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201710-31\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171019-0001/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/43103/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}" } }
rhsa-2017_3453
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP5.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Further information\nabout these flaws can be found on the IBM Java Security Vulnerabilities\npage listed in the References section. (CVE-2016-9840, CVE-2016-9841,\nCVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-1289, CVE-2017-3509,\nCVE-2017-3511, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544, CVE-2017-10053,\nCVE-2017-10067, CVE-2017-10078, CVE-2017-10087, CVE-2017-10089,\nCVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102,\nCVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109,\nCVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243,\nCVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309,\nCVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348,\nCVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356,\nCVE-2017-10357, CVE-2017-10388)\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted\n(\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must\nbe restarted for this update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3453", "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "1402345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345" }, { "category": "external", "summary": "1402346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346" }, { "category": "external", "summary": "1402348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348" }, { "category": "external", "summary": "1402351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351" }, { "category": "external", "summary": "1443007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443007" }, { "category": "external", "summary": "1443052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443052" }, { "category": "external", "summary": "1443068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443068" }, { "category": "external", "summary": "1443083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443083" }, { "category": "external", "summary": "1443097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443097" }, { "category": "external", "summary": "1449603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449603" }, { "category": "external", "summary": "1471266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471266" }, { "category": "external", "summary": "1471270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471270" }, { "category": "external", "summary": "1471517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471517" }, { "category": "external", "summary": "1471521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471521" }, { "category": "external", "summary": "1471523", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471523" }, { "category": "external", "summary": "1471527", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471527" }, { "category": "external", "summary": "1471528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471528" }, { "category": "external", "summary": "1471535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471535" }, { "category": "external", "summary": "1471670", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471670" }, { "category": "external", "summary": "1471738", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471738" }, { "category": "external", "summary": "1471851", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471851" }, { "category": "external", "summary": "1471888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471888" }, { "category": "external", "summary": "1471889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471889" }, { "category": "external", "summary": "1471898", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471898" }, { "category": "external", "summary": "1472345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472345" }, { "category": "external", "summary": "1472666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472666" }, { "category": "external", "summary": "1472667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472667" }, { "category": "external", "summary": "1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3453.json" } ], "title": "Red Hat Security Advisory: java-1.8.0-ibm security update", "tracking": { "current_release_date": "2024-11-05T20:18:11+00:00", "generator": { "date": "2024-11-05T20:18:11+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2017:3453", "initial_release_date": "2017-12-13T16:48:15+00:00", "revision_history": [ { "date": "2017-12-13T16:48:15+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-12-13T16:48:15+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T20:18:11+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.8 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.8::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.8 ELS (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.8 ELS (RHEL v.6)", "product_id": "6Server-Satellite58-ELS", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.8::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 ELS (RHEL v.6)", "product_id": "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite58-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src as a component of Red Hat Satellite 5.8 ELS (RHEL v.6)", "product_id": "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "relates_to_product_reference": "6Server-Satellite58-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 ELS (RHEL v.6)", "product_id": "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite58-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 ELS (RHEL v.6)", "product_id": "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite58-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 ELS (RHEL v.6)", "product_id": "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite58-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Satellite58" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 (RHEL v.6)", "product_id": "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Satellite58" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-9840", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402345" } ], "notes": [ { "category": "description", "text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Out-of-bounds pointer arithmetic in inftrees.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9840" }, { "category": "external", "summary": "RHBZ#1402345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9840", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Out-of-bounds pointer arithmetic in inftrees.c" }, { "cve": "CVE-2016-9841", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402346" } ], "notes": [ { "category": "description", "text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Out-of-bounds pointer arithmetic in inffast.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9841" }, { "category": "external", "summary": "RHBZ#1402346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9841", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9841" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Out-of-bounds pointer arithmetic in inffast.c" }, { "cve": "CVE-2016-9842", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402348" } ], "notes": [ { "category": "description", "text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Undefined left shift of negative number", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9842" }, { "category": "external", "summary": "RHBZ#1402348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9842", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9842" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Undefined left shift of negative number" }, { "cve": "CVE-2016-9843", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402351" } ], "notes": [ { "category": "description", "text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Big-endian out-of-bounds pointer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9843" }, { "category": "external", "summary": "RHBZ#1402351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9843", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9843" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Big-endian out-of-bounds pointer" }, { "cve": "CVE-2016-10165", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2016-08-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1367357" } ], "notes": [ { "category": "description", "text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.", "title": "Vulnerability description" }, { "category": "summary", "text": "lcms2: Out-of-bounds read in Type_MLU_Read()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10165" }, { "category": "external", "summary": "RHBZ#1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165" } ], "release_date": "2016-08-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "lcms2: Out-of-bounds read in Type_MLU_Read()" }, { "cve": "CVE-2017-1289", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2017-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1449603" } ], "notes": [ { "category": "description", "text": "IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML External Entity Injection (XXE) error when processing XML data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-1289" }, { "category": "external", "summary": "RHBZ#1449603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449603" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1289", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1289" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1289", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1289" } ], "release_date": "2017-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML External Entity Injection (XXE) error when processing XML data" }, { "cve": "CVE-2017-3509", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-04-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1443052" } ], "notes": [ { "category": "description", "text": "It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3509" }, { "category": "external", "summary": "RHBZ#1443052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443052" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3509", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3509" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3509", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3509" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA" } ], "release_date": "2017-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)" }, { "cve": "CVE-2017-3511", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2017-04-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1443007" } ], "notes": [ { "category": "description", "text": "An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3511" }, { "category": "external", "summary": "RHBZ#1443007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443007" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3511", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3511" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3511", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3511" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA" } ], "release_date": "2017-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)" }, { "cve": "CVE-2017-3533", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1443083" } ], "notes": [ { "category": "description", "text": "A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: newline injection in the FTP client (Networking, 8170222)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3533" }, { "category": "external", "summary": "RHBZ#1443083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443083" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3533", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3533" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA" } ], "release_date": "2017-02-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: newline injection in the FTP client (Networking, 8170222)" }, { "cve": "CVE-2017-3539", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-04-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1443097" } ], "notes": [ { "category": "description", "text": "It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: MD5 allowed for jar verification (Security, 8171121)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3539" }, { "category": "external", "summary": "RHBZ#1443097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3539", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3539" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3539", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3539" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA" } ], "release_date": "2017-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: MD5 allowed for jar verification (Security, 8171121)" }, { "cve": "CVE-2017-3544", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-04-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1443068" } ], "notes": [ { "category": "description", "text": "A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: newline injection in the SMTP client (Networking, 8171533)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3544" }, { "category": "external", "summary": "RHBZ#1443068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3544", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3544" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3544", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3544" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA" } ], "release_date": "2017-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: newline injection in the SMTP client (Networking, 8171533)" }, { "cve": "CVE-2017-10053", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471889" } ], "notes": [ { "category": "description", "text": "It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10053" }, { "category": "external", "summary": "RHBZ#1471889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471889" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10053", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10053" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10053", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10053" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)" }, { "cve": "CVE-2017-10067", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471535" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10067" }, { "category": "external", "summary": "RHBZ#1471535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471535" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10067", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10067" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10067", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10067" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)" }, { "cve": "CVE-2017-10078", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471898" } ], "notes": [ { "category": "description", "text": "It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Nashorn incompletely blocking access to Java APIs (Scripting, 8171539)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10078" }, { "category": "external", "summary": "RHBZ#1471898", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471898" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10078", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10078" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10078", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10078" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: Nashorn incompletely blocking access to Java APIs (Scripting, 8171539)" }, { "cve": "CVE-2017-10087", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471521" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10087" }, { "category": "external", "summary": "RHBZ#1471521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471521" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10087", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10087" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10087", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10087" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)" }, { "cve": "CVE-2017-10089", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471270" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10089" }, { "category": "external", "summary": "RHBZ#1471270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471270" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10089", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10089" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10089", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10089" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)" }, { "cve": "CVE-2017-10090", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471517" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10090" }, { "category": "external", "summary": "RHBZ#1471517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10090", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10090" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10090", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10090" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)" }, { "cve": "CVE-2017-10096", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471528" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10096" }, { "category": "external", "summary": "RHBZ#1471528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10096", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10096" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10096", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10096" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)" }, { "cve": "CVE-2017-10101", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471527" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10101" }, { "category": "external", "summary": "RHBZ#1471527", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471527" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10101", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10101" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10101", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10101" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)" }, { "cve": "CVE-2017-10102", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1472345" } ], "notes": [ { "category": "description", "text": "It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect handling of references in DGC (RMI, 8163958)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10102" }, { "category": "external", "summary": "RHBZ#1472345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472345" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10102", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10102" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10102", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10102" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect handling of references in DGC (RMI, 8163958)" }, { "cve": "CVE-2017-10105", "discovery_date": "2017-07-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1472667" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u161, 7u151, and 8u141 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10105" }, { "category": "external", "summary": "RHBZ#1472667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472667" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10105", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10105" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10105", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10105" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u161, 7u151, and 8u141 (Deployment)" }, { "cve": "CVE-2017-10107", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471266" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient access control checks in ActivationID (RMI, 8173697)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10107" }, { "category": "external", "summary": "RHBZ#1471266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10107", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10107" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10107", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10107" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient access control checks in ActivationID (RMI, 8173697)" }, { "cve": "CVE-2017-10108", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471888" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in BasicAttribute deserialization (Serialization, 8174105)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10108" }, { "category": "external", "summary": "RHBZ#1471888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10108", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10108" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10108", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10108" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in BasicAttribute deserialization (Serialization, 8174105)" }, { "cve": "CVE-2017-10109", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471670" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10109" }, { "category": "external", "summary": "RHBZ#1471670", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471670" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10109", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10109" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10109", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10109" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)" }, { "cve": "CVE-2017-10110", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471523" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10110" }, { "category": "external", "summary": "RHBZ#1471523", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471523" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10110", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10110" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10110", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10110" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)" }, { "cve": "CVE-2017-10115", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471851" } ], "notes": [ { "category": "description", "text": "A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DSA implementation timing attack (JCE, 8175106)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10115" }, { "category": "external", "summary": "RHBZ#1471851", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471851" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10115", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10115" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10115", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10115" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: DSA implementation timing attack (JCE, 8175106)" }, { "cve": "CVE-2017-10116", "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1471738" } ], "notes": [ { "category": "description", "text": "It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10116" }, { "category": "external", "summary": "RHBZ#1471738", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471738" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10116", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10116" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10116", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10116" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)" }, { "cve": "CVE-2017-10243", "discovery_date": "2017-07-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1472666" } ], "notes": [ { "category": "description", "text": "It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10243" }, { "category": "external", "summary": "RHBZ#1472666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472666" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10243", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10243" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10243", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10243" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)" }, { "cve": "CVE-2017-10281", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502649" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10281" }, { "category": "external", "summary": "RHBZ#1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10281" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)" }, { "cve": "CVE-2017-10285", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501868" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10285" }, { "category": "external", "summary": "RHBZ#1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10285" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)" }, { "cve": "CVE-2017-10295", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502687" } ], "notes": [ { "category": "description", "text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10295" }, { "category": "external", "summary": "RHBZ#1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)" }, { "cve": "CVE-2017-10309", "discovery_date": "2017-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503319" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10309" }, { "category": "external", "summary": "RHBZ#1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10309", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10309" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)" }, { "cve": "CVE-2017-10345", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502858" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10345" }, { "category": "external", "summary": "RHBZ#1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10345" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)" }, { "cve": "CVE-2017-10346", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501873" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10346" }, { "category": "external", "summary": "RHBZ#1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)" }, { "cve": "CVE-2017-10347", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502632" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10347" }, { "category": "external", "summary": "RHBZ#1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10347" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)" }, { "cve": "CVE-2017-10348", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502629" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10348" }, { "category": "external", "summary": "RHBZ#1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10348" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)" }, { "cve": "CVE-2017-10349", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502611" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10349" }, { "category": "external", "summary": "RHBZ#1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10349" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)" }, { "cve": "CVE-2017-10350", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502640" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10350" }, { "category": "external", "summary": "RHBZ#1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10350" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)" }, { "cve": "CVE-2017-10355", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502869" } ], "notes": [ { "category": "description", "text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10355" }, { "category": "external", "summary": "RHBZ#1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10355" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)" }, { "cve": "CVE-2017-10356", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503169" } ], "notes": [ { "category": "description", "text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10356" }, { "category": "external", "summary": "RHBZ#1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10356" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)" }, { "cve": "CVE-2017-10357", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502614" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10357" }, { "category": "external", "summary": "RHBZ#1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10357" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)" }, { "cve": "CVE-2017-10388", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502038" } ], "notes": [ { "category": "description", "text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10388" }, { "category": "external", "summary": "RHBZ#1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-12-13T16:48:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58-ELS:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58-ELS:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.src", "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)" } ] }
rhsa-2017_2999
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 151.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:2999", "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html", "url": "http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html" }, { "category": "external", "summary": "1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "1402345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345" }, { "category": "external", "summary": "1402346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346" }, { "category": "external", "summary": "1402348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348" }, { "category": "external", "summary": "1402351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351" }, { "category": "external", "summary": "1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "1502053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053" }, { "category": "external", "summary": "1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "external", "summary": "1503320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2999.json" } ], "title": "Red Hat Security Advisory: java-1.8.0-oracle security update", "tracking": { "current_release_date": "2024-11-05T20:14:07+00:00", "generator": { "date": "2024-11-05T20:14:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2017:2999", "initial_release_date": "2017-10-23T07:44:37+00:00", "revision_history": [ { "date": "2017-10-23T07:44:37+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-12-14T15:18:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T20:14:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Desktop 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Server 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Workstation 6", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } }, { "category": "product_name", "name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7" } } } ], "category": "product_family", "name": "Oracle Java for Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "product": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "product_id": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "product": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "product_id": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "product": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "product_id": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "product": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "product": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "product_id": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "product": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "product_id": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.151-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "product": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "product_id": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "product": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "product_id": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "product": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "product_id": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "product": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "product_id": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "product": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "product": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "product_id": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.151-1jpp.5.el7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "product": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "product_id": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "product": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "product_id": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "product": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "product_id": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "product": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "product": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "product_id": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "product": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "product_id": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.151-1jpp.1.el6?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6", "product_id": "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6", "product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6", "product_id": "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6", "product_id": "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-OracleJava-6.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Client-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)", "product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Server-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" }, "product_reference": "java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "relates_to_product_reference": "7Workstation-OracleJava-7.4.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-9840", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402345" } ], "notes": [ { "category": "description", "text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Out-of-bounds pointer arithmetic in inftrees.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9840" }, { "category": "external", "summary": "RHBZ#1402345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402345" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9840", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9840" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Out-of-bounds pointer arithmetic in inftrees.c" }, { "cve": "CVE-2016-9841", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402346" } ], "notes": [ { "category": "description", "text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Out-of-bounds pointer arithmetic in inffast.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9841" }, { "category": "external", "summary": "RHBZ#1402346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402346" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9841", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9841" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9841" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Out-of-bounds pointer arithmetic in inffast.c" }, { "cve": "CVE-2016-9842", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402348" } ], "notes": [ { "category": "description", "text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Undefined left shift of negative number", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9842" }, { "category": "external", "summary": "RHBZ#1402348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402348" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9842", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9842" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9842" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Undefined left shift of negative number" }, { "cve": "CVE-2016-9843", "discovery_date": "2016-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402351" } ], "notes": [ { "category": "description", "text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.", "title": "Vulnerability description" }, { "category": "summary", "text": "zlib: Big-endian out-of-bounds pointer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9843" }, { "category": "external", "summary": "RHBZ#1402351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9843", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9843" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9843" }, { "category": "external", "summary": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7", "url": "https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7" }, { "category": "external", "summary": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf", "url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf" } ], "release_date": "2016-09-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zlib: Big-endian out-of-bounds pointer" }, { "cve": "CVE-2016-10165", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2016-08-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1367357" } ], "notes": [ { "category": "description", "text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.", "title": "Vulnerability description" }, { "category": "summary", "text": "lcms2: Out-of-bounds read in Type_MLU_Read()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10165" }, { "category": "external", "summary": "RHBZ#1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165" } ], "release_date": "2016-08-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "lcms2: Out-of-bounds read in Type_MLU_Read()" }, { "cve": "CVE-2017-10274", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502053" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10274" }, { "category": "external", "summary": "RHBZ#1502053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10274", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10274" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10274" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)" }, { "cve": "CVE-2017-10281", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502649" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10281" }, { "category": "external", "summary": "RHBZ#1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10281" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)" }, { "cve": "CVE-2017-10285", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501868" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10285" }, { "category": "external", "summary": "RHBZ#1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10285" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)" }, { "cve": "CVE-2017-10293", "discovery_date": "2017-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503320" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10293" }, { "category": "external", "summary": "RHBZ#1503320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10293", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10293" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10293" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)" }, { "cve": "CVE-2017-10295", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502687" } ], "notes": [ { "category": "description", "text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10295" }, { "category": "external", "summary": "RHBZ#1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)" }, { "cve": "CVE-2017-10309", "discovery_date": "2017-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503319" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10309" }, { "category": "external", "summary": "RHBZ#1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10309", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10309" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)" }, { "cve": "CVE-2017-10345", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502858" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10345" }, { "category": "external", "summary": "RHBZ#1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10345" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)" }, { "cve": "CVE-2017-10346", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501873" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10346" }, { "category": "external", "summary": "RHBZ#1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)" }, { "cve": "CVE-2017-10347", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502632" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10347" }, { "category": "external", "summary": "RHBZ#1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10347" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)" }, { "cve": "CVE-2017-10348", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502629" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10348" }, { "category": "external", "summary": "RHBZ#1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10348" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)" }, { "cve": "CVE-2017-10349", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502611" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10349" }, { "category": "external", "summary": "RHBZ#1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10349" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)" }, { "cve": "CVE-2017-10350", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502640" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10350" }, { "category": "external", "summary": "RHBZ#1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10350" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)" }, { "cve": "CVE-2017-10355", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502869" } ], "notes": [ { "category": "description", "text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10355" }, { "category": "external", "summary": "RHBZ#1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10355" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)" }, { "cve": "CVE-2017-10356", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503169" } ], "notes": [ { "category": "description", "text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10356" }, { "category": "external", "summary": "RHBZ#1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10356" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)" }, { "cve": "CVE-2017-10357", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502614" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10357" }, { "category": "external", "summary": "RHBZ#1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10357" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)" }, { "cve": "CVE-2017-10388", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502038" } ], "notes": [ { "category": "description", "text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10388" }, { "category": "external", "summary": "RHBZ#1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-10-23T07:44:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.", "product_ids": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Client-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6ComputeNode-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Server-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6.x86_64", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.i686", "6Workstation-OracleJava-6.9.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Client-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7ComputeNode-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Server-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7.x86_64", "7Workstation-OracleJava-7.4.Z:java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)" } ] }
rhsa-2017_3267
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP5.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3267", "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/", "url": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/" }, { "category": "external", "summary": "1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3267.json" } ], "title": "Red Hat Security Advisory: java-1.8.0-ibm security update", "tracking": { "current_release_date": "2024-11-05T20:16:55+00:00", "generator": { "date": "2024-11-05T20:16:55+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2017:3267", "initial_release_date": "2017-11-28T20:40:15+00:00", "revision_history": [ { "date": "2017-11-28T20:40:15+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-11-28T20:40:15+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T20:16:55+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.1.el6_9?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.5.5-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.1.el6_9?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.1.el6_9?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.1.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.1.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.1.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.1.el6_9?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.1.el6_9?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.9.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10165", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2016-08-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1367357" } ], "notes": [ { "category": "description", "text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.", "title": "Vulnerability description" }, { "category": "summary", "text": "lcms2: Out-of-bounds read in Type_MLU_Read()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10165" }, { "category": "external", "summary": "RHBZ#1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165" } ], "release_date": "2016-08-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "lcms2: Out-of-bounds read in Type_MLU_Read()" }, { "cve": "CVE-2017-10281", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502649" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10281" }, { "category": "external", "summary": "RHBZ#1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10281" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)" }, { "cve": "CVE-2017-10285", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501868" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10285" }, { "category": "external", "summary": "RHBZ#1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10285" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)" }, { "cve": "CVE-2017-10295", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502687" } ], "notes": [ { "category": "description", "text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10295" }, { "category": "external", "summary": "RHBZ#1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)" }, { "cve": "CVE-2017-10309", "discovery_date": "2017-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503319" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10309" }, { "category": "external", "summary": "RHBZ#1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10309", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10309" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)" }, { "cve": "CVE-2017-10345", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502858" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10345" }, { "category": "external", "summary": "RHBZ#1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10345" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)" }, { "cve": "CVE-2017-10346", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501873" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10346" }, { "category": "external", "summary": "RHBZ#1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)" }, { "cve": "CVE-2017-10347", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502632" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10347" }, { "category": "external", "summary": "RHBZ#1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10347" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)" }, { "cve": "CVE-2017-10348", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502629" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10348" }, { "category": "external", "summary": "RHBZ#1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10348" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)" }, { "cve": "CVE-2017-10349", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502611" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10349" }, { "category": "external", "summary": "RHBZ#1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10349" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)" }, { "cve": "CVE-2017-10350", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502640" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10350" }, { "category": "external", "summary": "RHBZ#1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10350" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)" }, { "cve": "CVE-2017-10355", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502869" } ], "notes": [ { "category": "description", "text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10355" }, { "category": "external", "summary": "RHBZ#1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10355" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)" }, { "cve": "CVE-2017-10356", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503169" } ], "notes": [ { "category": "description", "text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10356" }, { "category": "external", "summary": "RHBZ#1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10356" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)" }, { "cve": "CVE-2017-10357", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502614" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10357" }, { "category": "external", "summary": "RHBZ#1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10357" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)" }, { "cve": "CVE-2017-10388", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502038" } ], "notes": [ { "category": "description", "text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10388" }, { "category": "external", "summary": "RHBZ#1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-28T20:40:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3267" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Client-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6ComputeNode-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Server-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.i686", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.ppc64", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.s390x", "6Workstation-Supplementary-6.9.z:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)" } ] }
rhsa-2017_3264
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP5.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3264", "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/", "url": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/" }, { "category": "external", "summary": "1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3264.json" } ], "title": "Red Hat Security Advisory: java-1.8.0-ibm security update", "tracking": { "current_release_date": "2024-11-05T20:16:50+00:00", "generator": { "date": "2024-11-05T20:16:50+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2017:3264", "initial_release_date": "2017-11-27T18:04:39+00:00", "revision_history": [ { "date": "2017-11-27T18:04:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-11-27T18:04:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T20:16:50+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.5.5-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.5.5-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.2.el7?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.5-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.5.5-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.5.5-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.5-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.5.5-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.4.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.4.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.4.Z-Workstation" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10165", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2016-08-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1367357" } ], "notes": [ { "category": "description", "text": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.", "title": "Vulnerability description" }, { "category": "summary", "text": "lcms2: Out-of-bounds read in Type_MLU_Read()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-10165" }, { "category": "external", "summary": "RHBZ#1367357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367357" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-10165", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10165" } ], "release_date": "2016-08-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "lcms2: Out-of-bounds read in Type_MLU_Read()" }, { "cve": "CVE-2017-10281", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502649" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10281" }, { "category": "external", "summary": "RHBZ#1502649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10281", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10281" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10281" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)" }, { "cve": "CVE-2017-10285", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501868" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10285" }, { "category": "external", "summary": "RHBZ#1501868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10285", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10285" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10285" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)" }, { "cve": "CVE-2017-10295", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502687" } ], "notes": [ { "category": "description", "text": "It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10295" }, { "category": "external", "summary": "RHBZ#1502687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10295", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10295" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)" }, { "cve": "CVE-2017-10309", "discovery_date": "2017-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503319" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10309" }, { "category": "external", "summary": "RHBZ#1503319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10309", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10309" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)" }, { "cve": "CVE-2017-10345", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502858" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10345" }, { "category": "external", "summary": "RHBZ#1502858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10345", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10345" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10345" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)" }, { "cve": "CVE-2017-10346", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501873" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10346" }, { "category": "external", "summary": "RHBZ#1501873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10346", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10346" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)" }, { "cve": "CVE-2017-10347", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502632" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10347" }, { "category": "external", "summary": "RHBZ#1502632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10347", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10347" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10347" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)" }, { "cve": "CVE-2017-10348", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502629" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10348" }, { "category": "external", "summary": "RHBZ#1502629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10348", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10348" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10348" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)" }, { "cve": "CVE-2017-10349", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502611" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10349" }, { "category": "external", "summary": "RHBZ#1502611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10349", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10349" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10349" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)" }, { "cve": "CVE-2017-10350", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502640" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10350" }, { "category": "external", "summary": "RHBZ#1502640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10350", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10350" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10350" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)" }, { "cve": "CVE-2017-10355", "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502869" } ], "notes": [ { "category": "description", "text": "It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10355" }, { "category": "external", "summary": "RHBZ#1502869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10355", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10355" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10355" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)" }, { "cve": "CVE-2017-10356", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503169" } ], "notes": [ { "category": "description", "text": "It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10356" }, { "category": "external", "summary": "RHBZ#1503169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10356", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10356" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10356" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)" }, { "cve": "CVE-2017-10357", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502614" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10357" }, { "category": "external", "summary": "RHBZ#1502614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10357", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10357" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10357" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)" }, { "cve": "CVE-2017-10388", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1502038" } ], "notes": [ { "category": "description", "text": "It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10388" }, { "category": "external", "summary": "RHBZ#1502038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10388", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10388" } ], "release_date": "2017-10-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-11-27T18:04:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Client-7.4.Z-Client:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7ComputeNode-7.4.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Server-7.4.Z-Server:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.i686", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7.x86_64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.ppc64le", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.s390x", "7Workstation-7.4.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)" } ] }
gsd-2017-10309
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2017-10309", "description": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "id": "GSD-2017-10309", "references": [ "https://www.suse.com/security/cve/CVE-2017-10309.html", "https://access.redhat.com/errata/RHSA-2017:3453", "https://access.redhat.com/errata/RHSA-2017:3267", "https://access.redhat.com/errata/RHSA-2017:3264", "https://access.redhat.com/errata/RHSA-2017:2999", "https://packetstormsecurity.com/files/cve/CVE-2017-10309" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2017-10309" ], "details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "id": "GSD-2017-10309", "modified": "2023-12-13T01:21:14.512744Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2017-10309", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Java", "version": { "version_data": [ { "version_affected": "=", "version_value": "Java SE: 8u144" }, { "version_affected": "=", "version_value": "9" } ] } } ] }, "vendor_name": "Oracle Corporation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE." } ] } ] }, "references": { "reference_data": [ { "name": "101328", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101328" }, { "name": "RHSA-2017:3267", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "1039596", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039596" }, { "name": "43103", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/43103/" }, { "name": "GLSA-201710-31", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-31" }, { "name": "RHSA-2017:3264", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "name": "RHSA-2017:3453", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "name": "https://security.netapp.com/advisory/ntap-20171019-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "name": "RHSA-2017:2999", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "versionStartIncluding": "7.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionStartIncluding": "7.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "versionStartIncluding": "9.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*", "cpe_name": [], "versionStartIncluding": "7.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.70.1", "versionStartIncluding": "11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionStartIncluding": "7.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*", "cpe_name": [], "versionEndIncluding": "7.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionEndIncluding": "7.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "versionStartIncluding": "7.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2017-10309" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "1039596", "refsource": "SECTRACK", "tags": [ "Broken Link" ], "url": "http://www.securitytracker.com/id/1039596" }, { "name": "101328", "refsource": "BID", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/101328" }, { "name": "GLSA-201710-31", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "name": "43103", "refsource": "EXPLOIT-DB", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/43103/" }, { "name": "https://security.netapp.com/advisory/ntap-20171019-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "name": "RHSA-2017:3267", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "name": "RHSA-2017:3264", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "name": "RHSA-2017:3453", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "name": "RHSA-2017:2999", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.7 } }, "lastModifiedDate": "2022-08-12T18:04Z", "publishedDate": "2017-10-19T17:29Z" } } }
ghsa-5269-8f5r-q5c5
Vulnerability from github
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).
{ "affected": [], "aliases": [ "CVE-2017-10309" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2017-10-19T17:29:00Z", "severity": "HIGH" }, "details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).", "id": "GHSA-5269-8f5r-q5c5", "modified": "2022-05-13T01:17:21Z", "published": "2022-05-13T01:17:21Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10309" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201710-31" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20171019-0001" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/43103" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/101328" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1039596" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "type": "CVSS_V3" } ] }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.