rhsa-2016_1430
Vulnerability from csaf_redhat
Published
2016-07-18 13:51
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: java-1.7.0-ibm and java-1.7.1-ibm security update
Notes
Topic
An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40.
Security Fix(es):
* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the
CVE-2015-4806 issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)\n\nRed Hat would like to thank Andrea Palazzo of Truel IT for reporting the\nCVE-2015-4806 issue.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:1430", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1233687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233687" }, { "category": "external", "summary": "1273022", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273022" }, { "category": "external", "summary": "1273053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273053" }, { "category": "external", "summary": "1273304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273304" }, { "category": "external", "summary": "1273308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273308" }, { "category": "external", "summary": "1273311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273311" }, { "category": "external", "summary": "1273318", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "category": "external", "summary": "1273338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273338" }, { "category": "external", "summary": "1273414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273414" }, { "category": "external", "summary": "1273425", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273425" }, { "category": "external", "summary": "1273430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273430" }, { "category": "external", "summary": "1273496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273496" }, { "category": "external", "summary": "1273637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273637" }, { "category": "external", "summary": "1273638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273638" }, { "category": "external", "summary": "1273734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273734" }, { "category": "external", "summary": "1273858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273858" }, { "category": "external", "summary": "1273859", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273859" }, { "category": "external", "summary": "1273860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273860" }, { "category": "external", "summary": "1276416", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276416" }, { "category": "external", "summary": "1281756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756" }, { "category": "external", "summary": "1282379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282379" }, { "category": "external", "summary": "1289841", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841" }, { "category": "external", "summary": "1291312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291312" }, { "category": "external", "summary": "1298906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "category": "external", "summary": "1298957", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298957" }, { "category": "external", "summary": "1299073", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299073" }, { "category": "external", "summary": "1299385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299385" }, { "category": "external", "summary": "1299441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299441" }, { "category": "external", "summary": "1302689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302689" }, { "category": "external", "summary": "1324044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044" }, { "category": "external", "summary": "1327743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743" }, { "category": "external", "summary": "1327749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749" }, { "category": "external", "summary": "1328059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059" }, { "category": "external", "summary": "1328210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210" }, { "category": "external", "summary": "1328618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618" }, { "category": "external", "summary": "1328619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619" }, { "category": "external", "summary": "1328620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620" }, { "category": "external", "summary": "1330986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986" }, { "category": "external", "summary": "1331359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359" }, { "category": "external", "summary": "1351695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351695" }, { "category": "external", "summary": "1353209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353209" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1430.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-ibm and java-1.7.1-ibm security update", "tracking": { "current_release_date": "2024-11-25T12:05:38+00:00", "generator": { "date": "2024-11-25T12:05:38+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:1430", "initial_release_date": "2016-07-18T13:51:35+00:00", "revision_history": [ { "date": "2016-07-18T13:51:35+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-07-18T13:51:35+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:05:38+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.7::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "product": { "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.9.40-1jpp.1.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.3.40-1jpp.1.el6_7?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "product": { "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "spacewalk-java-0:2.0.2-109.el5sat.src", "product": { "name": "spacewalk-java-0:2.0.2-109.el5sat.src", "product_id": "spacewalk-java-0:2.0.2-109.el5sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el5sat?arch=src" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "product": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "spacewalk-java-0:2.3.8-146.el6sat.src", "product": { "name": "spacewalk-java-0:2.3.8-146.el6sat.src", "product_id": "spacewalk-java-0:2.3.8-146.el6sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java@2.3.8-146.el6sat?arch=src" } } }, { "category": "product_version", "name": "spacewalk-java-0:2.0.2-109.el6sat.src", "product": { "name": "spacewalk-java-0:2.0.2-109.el6sat.src", "product_id": "spacewalk-java-0:2.0.2-109.el6sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el6sat?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.9.40-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.3.40-1jpp.1.el6_7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "spacewalk-java-0:2.0.2-109.el5sat.noarch", "product": { "name": "spacewalk-java-0:2.0.2-109.el5sat.noarch", "product_id": "spacewalk-java-0:2.0.2-109.el5sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el5sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "product": { "name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "product_id": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.0.2-109.el5sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "product": { "name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "product_id": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.0.2-109.el5sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "product": { "name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "product_id": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-lib@2.0.2-109.el5sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "product": { "name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "product_id": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-config@2.0.2-109.el5sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "product": { "name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "product_id": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.0.2-109.el5sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "product": { "name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "product_id": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-config@2.3.8-146.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "product": { "name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "product_id": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.3.8-146.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch", "product": { "name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch", "product_id": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.3.8-146.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "product": { "name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "product_id": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.3.8-146.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-0:2.3.8-146.el6sat.noarch", "product": { "name": "spacewalk-java-0:2.3.8-146.el6sat.noarch", "product_id": "spacewalk-java-0:2.3.8-146.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java@2.3.8-146.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "product": { "name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "product_id": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-lib@2.3.8-146.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-0:2.0.2-109.el6sat.noarch", "product": { "name": "spacewalk-java-0:2.0.2-109.el6sat.noarch", "product_id": "spacewalk-java-0:2.0.2-109.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "product": { "name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "product_id": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-lib@2.0.2-109.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "product": { "name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "product_id": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.0.2-109.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "product": { "name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "product_id": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.0.2-109.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "product": { "name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "product_id": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.0.2-109.el6sat?arch=noarch" } } }, { "category": "product_version", "name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "product": { "name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "product_id": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/spacewalk-java-config@2.0.2-109.el6sat?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch" }, "product_reference": "spacewalk-java-0:2.0.2-109.el5sat.noarch", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-0:2.0.2-109.el5sat.src as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src" }, "product_reference": "spacewalk-java-0:2.0.2-109.el5sat.src", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch" }, "product_reference": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch" }, "product_reference": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch" }, "product_reference": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch" }, "product_reference": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch" }, "product_reference": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch" }, "product_reference": "spacewalk-java-0:2.0.2-109.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-0:2.0.2-109.el6sat.src as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src" }, "product_reference": "spacewalk-java-0:2.0.2-109.el6sat.src", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch" }, "product_reference": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch" }, "product_reference": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch" }, "product_reference": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch" }, "product_reference": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch" }, "product_reference": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch" }, "product_reference": "spacewalk-java-0:2.3.8-146.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-0:2.3.8-146.el6sat.src as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src" }, "product_reference": "spacewalk-java-0:2.3.8-146.el6sat.src", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch" }, "product_reference": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch" }, "product_reference": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch" }, "product_reference": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch" }, "product_reference": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" }, "product_reference": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch", "relates_to_product_reference": "6Server-Satellite57" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-4734", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273430" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: kerberos realm name leak (JGSS, 8048030)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4734" }, { "category": "external", "summary": "RHBZ#1273430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273430" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4734", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4734" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: kerberos realm name leak (JGSS, 8048030)" }, { "cve": "CVE-2015-4803", "cwe": { "id": "CWE-407", "name": "Inefficient Algorithmic Complexity" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273637" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4803" }, { "category": "external", "summary": "RHBZ#1273637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273637" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4803", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4803" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4803", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4803" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)" }, { "cve": "CVE-2015-4805", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273311" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4805" }, { "category": "external", "summary": "RHBZ#1273311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273311" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4805", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4805" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4805", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4805" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)" }, { "acknowledgments": [ { "names": [ "Andrea Palazzo" ], "organization": "Truel IT" } ], "cve": "CVE-2015-4806", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2015-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1233687" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4806" }, { "category": "external", "summary": "RHBZ#1233687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233687" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4806", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4806" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4806", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4806" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)" }, { "cve": "CVE-2015-4810", "discovery_date": "2015-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273858" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4810" }, { "category": "external", "summary": "RHBZ#1273858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4810", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4810" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)" }, { "cve": "CVE-2015-4835", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273022" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4835" }, { "category": "external", "summary": "RHBZ#1273022", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273022" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4835", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4835" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4835", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4835" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)" }, { "cve": "CVE-2015-4840", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273338" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: OOB access in CMS code (2D, 8086092)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4840" }, { "category": "external", "summary": "RHBZ#1273338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273338" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4840", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4840" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: OOB access in CMS code (2D, 8086092)" }, { "cve": "CVE-2015-4842", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273425" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: leak of user.dir location (JAXP, 8078427)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4842" }, { "category": "external", "summary": "RHBZ#1273425", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273425" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4842", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4842" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4842", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4842" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: leak of user.dir location (JAXP, 8078427)" }, { "cve": "CVE-2015-4843", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273053" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4843" }, { "category": "external", "summary": "RHBZ#1273053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4843", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4843" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4843", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4843" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)" }, { "cve": "CVE-2015-4844", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273318" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4844" }, { "category": "external", "summary": "RHBZ#1273318", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4844", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4844" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)" }, { "cve": "CVE-2015-4860", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273308" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4860" }, { "category": "external", "summary": "RHBZ#1273308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273308" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4860", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4860" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4860", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4860" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)" }, { "cve": "CVE-2015-4871", "discovery_date": "2015-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273859" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4871" }, { "category": "external", "summary": "RHBZ#1273859", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273859" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4871", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4871" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4871", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4871" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)" }, { "cve": "CVE-2015-4872", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273734" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4872" }, { "category": "external", "summary": "RHBZ#1273734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273734" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4872", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4872" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4872", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4872" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)" }, { "cve": "CVE-2015-4882", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273414" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4882" }, { "category": "external", "summary": "RHBZ#1273414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273414" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4882", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4882" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4882", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4882" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)" }, { "cve": "CVE-2015-4883", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273304" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4883" }, { "category": "external", "summary": "RHBZ#1273304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273304" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4883", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4883" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4883", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4883" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)" }, { "cve": "CVE-2015-4893", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273638" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4893" }, { "category": "external", "summary": "RHBZ#1273638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273638" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4893", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4893" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)" }, { "cve": "CVE-2015-4902", "discovery_date": "2015-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273860" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4902" }, { "category": "external", "summary": "RHBZ#1273860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273860" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4902", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4902" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4902", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4902" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)" }, { "cve": "CVE-2015-4903", "discovery_date": "2015-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1273496" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-4903" }, { "category": "external", "summary": "RHBZ#1273496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-4903", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4903" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4903", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4903" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA" } ], "release_date": "2015-10-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)" }, { "cve": "CVE-2015-5006", "discovery_date": "2015-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1282379" } ], "notes": [ { "category": "description", "text": "IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: local disclosure of kerberos credentials cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-5006" }, { "category": "external", "summary": "RHBZ#1282379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282379" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5006", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5006" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5006", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5006" } ], "release_date": "2015-11-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: local disclosure of kerberos credentials cache" }, { "cve": "CVE-2015-5041", "discovery_date": "2016-01-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1302689" } ], "notes": [ { "category": "description", "text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: J9 JVM allows code to invoke non-public interface methods", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-5041" }, { "category": "external", "summary": "RHBZ#1302689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302689" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5041", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5041" } ], "release_date": "2016-01-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: J9 JVM allows code to invoke non-public interface methods" }, { "cve": "CVE-2015-7575", "discovery_date": "2015-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1289841" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.", "title": "Vulnerability description" }, { "category": "summary", "text": "TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-7575" }, { "category": "external", "summary": "RHBZ#1289841", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7575", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7575" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7575", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7575" }, { "category": "external", "summary": "http://www.mitls.org/pages/attacks/SLOTH", "url": "http://www.mitls.org/pages/attacks/SLOTH" }, { "category": "external", "summary": "https://access.redhat.com/articles/2112261", "url": "https://access.redhat.com/articles/2112261" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/" } ], "release_date": "2016-01-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)" }, { "cve": "CVE-2015-7981", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2015-10-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1276416" } ], "notes": [ { "category": "description", "text": "An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image.", "title": "Vulnerability description" }, { "category": "summary", "text": "libpng: Out-of-bounds read in png_convert_to_rfc1123", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-7981" }, { "category": "external", "summary": "RHBZ#1276416", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276416" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7981", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7981" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7981", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7981" } ], "release_date": "2015-10-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "libpng: Out-of-bounds read in png_convert_to_rfc1123" }, { "cve": "CVE-2015-8126", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2015-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1281756" } ], "notes": [ { "category": "description", "text": "It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.", "title": "Vulnerability description" }, { "category": "summary", "text": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-8126" }, { "category": "external", "summary": "RHBZ#1281756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8126", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8126" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8126", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8126" } ], "release_date": "2015-11-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions" }, { "cve": "CVE-2015-8472", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2015-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1281756" } ], "notes": [ { "category": "description", "text": "It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.", "title": "Vulnerability description" }, { "category": "summary", "text": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-8472" }, { "category": "external", "summary": "RHBZ#1281756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8472", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8472" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8472", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8472" } ], "release_date": "2015-11-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions" }, { "cve": "CVE-2015-8540", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2015-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1291312" } ], "notes": [ { "category": "description", "text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.", "title": "Vulnerability description" }, { "category": "summary", "text": "libpng: underflow read in png_check_keyword()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-8540" }, { "category": "external", "summary": "RHBZ#1291312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291312" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8540", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8540" } ], "release_date": "2015-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.4, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "libpng: underflow read in png_check_keyword()" }, { "cve": "CVE-2016-0264", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2016-04-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1331359" } ], "notes": [ { "category": "description", "text": "Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: buffer overflow vulnerability in the IBM JVM", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0264" }, { "category": "external", "summary": "RHBZ#1331359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0264", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016" } ], "release_date": "2016-04-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: buffer overflow vulnerability in the IBM JVM" }, { "cve": "CVE-2016-0363", "discovery_date": "2016-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1324044" } ], "notes": [ { "category": "description", "text": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0363" }, { "category": "external", "summary": "RHBZ#1324044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0363", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016" } ], "release_date": "2016-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix" }, { "cve": "CVE-2016-0376", "discovery_date": "2016-04-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1330986" } ], "notes": [ { "category": "description", "text": "The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0376" }, { "category": "external", "summary": "RHBZ#1330986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0376", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0376" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016" } ], "release_date": "2016-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix" }, { "cve": "CVE-2016-0402", "discovery_date": "2016-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1298957" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: URL deserialization inconsistencies (Networking, 8059054)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0402" }, { "category": "external", "summary": "RHBZ#1298957", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298957" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0402", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0402" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0402", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0402" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA" } ], "release_date": "2016-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: URL deserialization inconsistencies (Networking, 8059054)" }, { "cve": "CVE-2016-0448", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2016-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1299073" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: logging of RMI connection secrets (JMX, 8130710)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0448" }, { "category": "external", "summary": "RHBZ#1299073", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299073" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0448", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0448" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0448", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0448" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA" } ], "release_date": "2016-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: logging of RMI connection secrets (JMX, 8130710)" }, { "cve": "CVE-2016-0466", "discovery_date": "2016-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1299385" } ], "notes": [ { "category": "description", "text": "It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0466" }, { "category": "external", "summary": "RHBZ#1299385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299385" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0466", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0466" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0466", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0466" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA" } ], "release_date": "2016-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)" }, { "cve": "CVE-2016-0483", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2016-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1299441" } ], "notes": [ { "category": "description", "text": "An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0483" }, { "category": "external", "summary": "RHBZ#1299441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299441" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0483", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0483" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0483", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0483" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA" } ], "release_date": "2016-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)" }, { "cve": "CVE-2016-0494", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "discovery_date": "2016-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1298906" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0494" }, { "category": "external", "summary": "RHBZ#1298906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0494", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0494" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA" } ], "release_date": "2016-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)" }, { "cve": "CVE-2016-0686", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1327743" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0686" }, { "category": "external", "summary": "RHBZ#1327743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0686", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0686" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)" }, { "cve": "CVE-2016-0687", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1327749" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0687" }, { "category": "external", "summary": "RHBZ#1327749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0687", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0687" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)" }, { "cve": "CVE-2016-3422", "discovery_date": "2016-04-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328620" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3422" }, { "category": "external", "summary": "RHBZ#1328620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3422", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)" }, { "cve": "CVE-2016-3426", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328059" } ], "notes": [ { "category": "description", "text": "It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3426" }, { "category": "external", "summary": "RHBZ#1328059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3426", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3426" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)" }, { "cve": "CVE-2016-3427", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328210" } ], "notes": [ { "category": "description", "text": "It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3427" }, { "category": "external", "summary": "RHBZ#1328210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3427", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-12T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)" }, { "cve": "CVE-2016-3443", "discovery_date": "2016-04-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328618" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3443" }, { "category": "external", "summary": "RHBZ#1328618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3443", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3443" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)" }, { "cve": "CVE-2016-3449", "discovery_date": "2016-04-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328619" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3449" }, { "category": "external", "summary": "RHBZ#1328619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3449", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3449" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-07-18T13:51:35+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.", "product_ids": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src", "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src", "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch", "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src", "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch", "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src", "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch", "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.