rhsa-2016_1430
Vulnerability from csaf_redhat
Published
2016-07-18 13:51
Modified
2024-09-13 12:27
Summary
Red Hat Security Advisory: java-1.7.0-ibm and java-1.7.1-ibm security update
Notes
Topic
An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40.
Security Fix(es):
* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the
CVE-2015-4806 issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)\n\nRed Hat would like to thank Andrea Palazzo of Truel IT for reporting the\nCVE-2015-4806 issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1430",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1233687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233687"
},
{
"category": "external",
"summary": "1273022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273022"
},
{
"category": "external",
"summary": "1273053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273053"
},
{
"category": "external",
"summary": "1273304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273304"
},
{
"category": "external",
"summary": "1273308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273308"
},
{
"category": "external",
"summary": "1273311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273311"
},
{
"category": "external",
"summary": "1273318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318"
},
{
"category": "external",
"summary": "1273338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273338"
},
{
"category": "external",
"summary": "1273414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273414"
},
{
"category": "external",
"summary": "1273425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273425"
},
{
"category": "external",
"summary": "1273430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273430"
},
{
"category": "external",
"summary": "1273496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273496"
},
{
"category": "external",
"summary": "1273637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273637"
},
{
"category": "external",
"summary": "1273638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273638"
},
{
"category": "external",
"summary": "1273734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273734"
},
{
"category": "external",
"summary": "1273858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273858"
},
{
"category": "external",
"summary": "1273859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273859"
},
{
"category": "external",
"summary": "1273860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273860"
},
{
"category": "external",
"summary": "1276416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276416"
},
{
"category": "external",
"summary": "1281756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756"
},
{
"category": "external",
"summary": "1282379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282379"
},
{
"category": "external",
"summary": "1289841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841"
},
{
"category": "external",
"summary": "1291312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291312"
},
{
"category": "external",
"summary": "1298906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906"
},
{
"category": "external",
"summary": "1298957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298957"
},
{
"category": "external",
"summary": "1299073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299073"
},
{
"category": "external",
"summary": "1299385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299385"
},
{
"category": "external",
"summary": "1299441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299441"
},
{
"category": "external",
"summary": "1302689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302689"
},
{
"category": "external",
"summary": "1324044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044"
},
{
"category": "external",
"summary": "1327743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743"
},
{
"category": "external",
"summary": "1327749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749"
},
{
"category": "external",
"summary": "1328059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059"
},
{
"category": "external",
"summary": "1328210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210"
},
{
"category": "external",
"summary": "1328618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618"
},
{
"category": "external",
"summary": "1328619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619"
},
{
"category": "external",
"summary": "1328620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620"
},
{
"category": "external",
"summary": "1330986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986"
},
{
"category": "external",
"summary": "1331359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359"
},
{
"category": "external",
"summary": "1351695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351695"
},
{
"category": "external",
"summary": "1353209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353209"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2016/rhsa-2016_1430.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.0-ibm and java-1.7.1-ibm security update",
"tracking": {
"current_release_date": "2024-09-13T12:27:30+00:00",
"generator": {
"date": "2024-09-13T12:27:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2016:1430",
"initial_release_date": "2016-07-18T13:51:35+00:00",
"revision_history": [
{
"date": "2016-07-18T13:51:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-07-18T13:51:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T12:27:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.7 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.7::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_id": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.9.40-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.3.40-1jpp.1.el6_7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"product": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el5sat.src",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.src",
"product_id": "spacewalk-java-0:2.0.2-109.el5sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el5sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.3.8-146.el6sat.src",
"product": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.src",
"product_id": "spacewalk-java-0:2.3.8-146.el6sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.3.8-146.el6sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el6sat.src",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.src",
"product_id": "spacewalk-java-0:2.0.2-109.el6sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el6sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_id": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.9.40-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.3.40-1jpp.1.el6_7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-lib@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-config@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-config@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-lib@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-lib@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-config@2.0.2-109.el6sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x"
},
"product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src"
},
"product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x"
},
"product_reference": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.src as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el5sat.src",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.src as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el6sat.src",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.src as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src"
},
"product_reference": "spacewalk-java-0:2.3.8-146.el6sat.src",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-4734",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273430"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: kerberos realm name leak (JGSS, 8048030)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4734"
},
{
"category": "external",
"summary": "RHBZ#1273430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4734",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4734"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: kerberos realm name leak (JGSS, 8048030)"
},
{
"cve": "CVE-2015-4803",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273637"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4803"
},
{
"category": "external",
"summary": "RHBZ#1273637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4803",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4803"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)"
},
{
"cve": "CVE-2015-4805",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273311"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4805"
},
{
"category": "external",
"summary": "RHBZ#1273311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273311"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4805"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)"
},
{
"acknowledgments": [
{
"names": [
"Andrea Palazzo"
],
"organization": "Truel IT"
}
],
"cve": "CVE-2015-4806",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2015-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1233687"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4806"
},
{
"category": "external",
"summary": "RHBZ#1233687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4806"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)"
},
{
"cve": "CVE-2015-4810",
"discovery_date": "2015-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273858"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4810"
},
{
"category": "external",
"summary": "RHBZ#1273858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4810",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4810"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)"
},
{
"cve": "CVE-2015-4835",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273022"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4835"
},
{
"category": "external",
"summary": "RHBZ#1273022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4835",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4835"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)"
},
{
"cve": "CVE-2015-4840",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273338"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: OOB access in CMS code (2D, 8086092)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4840"
},
{
"category": "external",
"summary": "RHBZ#1273338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4840",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4840"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: OOB access in CMS code (2D, 8086092)"
},
{
"cve": "CVE-2015-4842",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273425"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: leak of user.dir location (JAXP, 8078427)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4842"
},
{
"category": "external",
"summary": "RHBZ#1273425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273425"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4842",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4842"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: leak of user.dir location (JAXP, 8078427)"
},
{
"cve": "CVE-2015-4843",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273053"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4843"
},
{
"category": "external",
"summary": "RHBZ#1273053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4843",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4843"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)"
},
{
"cve": "CVE-2015-4844",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273318"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4844"
},
{
"category": "external",
"summary": "RHBZ#1273318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4844",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4844"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)"
},
{
"cve": "CVE-2015-4860",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273308"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4860"
},
{
"category": "external",
"summary": "RHBZ#1273308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273308"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4860",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4860"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)"
},
{
"cve": "CVE-2015-4871",
"discovery_date": "2015-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273859"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4871"
},
{
"category": "external",
"summary": "RHBZ#1273859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273859"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4871",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4871"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)"
},
{
"cve": "CVE-2015-4872",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273734"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4872"
},
{
"category": "external",
"summary": "RHBZ#1273734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4872",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4872"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)"
},
{
"cve": "CVE-2015-4882",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273414"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4882"
},
{
"category": "external",
"summary": "RHBZ#1273414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4882",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4882"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)"
},
{
"cve": "CVE-2015-4883",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273304"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4883"
},
{
"category": "external",
"summary": "RHBZ#1273304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4883"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)"
},
{
"cve": "CVE-2015-4893",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273638"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4893"
},
{
"category": "external",
"summary": "RHBZ#1273638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4893",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4893"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)"
},
{
"cve": "CVE-2015-4902",
"discovery_date": "2015-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273860"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4902"
},
{
"category": "external",
"summary": "RHBZ#1273860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273860"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4902",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4902"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4902",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4902"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)"
},
{
"cve": "CVE-2015-4903",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273496"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4903"
},
{
"category": "external",
"summary": "RHBZ#1273496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4903",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4903"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)"
},
{
"cve": "CVE-2015-5006",
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1282379"
}
],
"notes": [
{
"category": "description",
"text": "IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: local disclosure of kerberos credentials cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5006"
},
{
"category": "external",
"summary": "RHBZ#1282379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5006",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5006"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5006",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5006"
}
],
"release_date": "2015-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: local disclosure of kerberos credentials cache"
},
{
"cve": "CVE-2015-5041",
"discovery_date": "2016-01-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1302689"
}
],
"notes": [
{
"category": "description",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: J9 JVM allows code to invoke non-public interface methods",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "RHBZ#1302689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5041",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5041"
}
],
"release_date": "2016-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: J9 JVM allows code to invoke non-public interface methods"
},
{
"cve": "CVE-2015-7575",
"discovery_date": "2015-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1289841"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "RHBZ#1289841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7575",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7575"
},
{
"category": "external",
"summary": "http://www.mitls.org/pages/attacks/SLOTH",
"url": "http://www.mitls.org/pages/attacks/SLOTH"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2112261",
"url": "https://access.redhat.com/articles/2112261"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/"
}
],
"release_date": "2016-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)"
},
{
"cve": "CVE-2015-7981",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2015-10-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1276416"
}
],
"notes": [
{
"category": "description",
"text": "An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: Out-of-bounds read in png_convert_to_rfc1123",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "RHBZ#1276416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7981",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7981"
}
],
"release_date": "2015-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libpng: Out-of-bounds read in png_convert_to_rfc1123"
},
{
"cve": "CVE-2015-8126",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1281756"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "RHBZ#1281756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8126",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8126"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8126",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8126"
}
],
"release_date": "2015-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions"
},
{
"cve": "CVE-2015-8472",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1281756"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "RHBZ#1281756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8472",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8472"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8472",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8472"
}
],
"release_date": "2015-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions"
},
{
"cve": "CVE-2015-8540",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2015-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1291312"
}
],
"notes": [
{
"category": "description",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: underflow read in png_check_keyword()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "RHBZ#1291312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291312"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8540",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8540"
}
],
"release_date": "2015-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libpng: underflow read in png_check_keyword()"
},
{
"cve": "CVE-2016-0264",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2016-04-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1331359"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: buffer overflow vulnerability in the IBM JVM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0264"
},
{
"category": "external",
"summary": "RHBZ#1331359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016"
}
],
"release_date": "2016-04-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: buffer overflow vulnerability in the IBM JVM"
},
{
"cve": "CVE-2016-0363",
"discovery_date": "2016-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1324044"
}
],
"notes": [
{
"category": "description",
"text": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0363"
},
{
"category": "external",
"summary": "RHBZ#1324044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0363",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016"
}
],
"release_date": "2016-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix"
},
{
"cve": "CVE-2016-0376",
"discovery_date": "2016-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1330986"
}
],
"notes": [
{
"category": "description",
"text": "The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0376"
},
{
"category": "external",
"summary": "RHBZ#1330986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0376",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0376"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016"
}
],
"release_date": "2016-04-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix"
},
{
"cve": "CVE-2016-0402",
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1298957"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: URL deserialization inconsistencies (Networking, 8059054)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "RHBZ#1298957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298957"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0402",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0402"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: URL deserialization inconsistencies (Networking, 8059054)"
},
{
"cve": "CVE-2016-0448",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1299073"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: logging of RMI connection secrets (JMX, 8130710)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "RHBZ#1299073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299073"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0448"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: logging of RMI connection secrets (JMX, 8130710)"
},
{
"cve": "CVE-2016-0466",
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1299385"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "RHBZ#1299385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0466"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0466",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0466"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)"
},
{
"cve": "CVE-2016-0483",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1299441"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "RHBZ#1299441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299441"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0483"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)"
},
{
"cve": "CVE-2016-0494",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1298906"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "RHBZ#1298906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)"
},
{
"cve": "CVE-2016-0686",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1327743"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0686"
},
{
"category": "external",
"summary": "RHBZ#1327743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0686",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0686"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)"
},
{
"cve": "CVE-2016-0687",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1327749"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0687"
},
{
"category": "external",
"summary": "RHBZ#1327749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)"
},
{
"cve": "CVE-2016-3422",
"discovery_date": "2016-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328620"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3422"
},
{
"category": "external",
"summary": "RHBZ#1328620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3422",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)"
},
{
"cve": "CVE-2016-3426",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328059"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3426"
},
{
"category": "external",
"summary": "RHBZ#1328059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)"
},
{
"cve": "CVE-2016-3427",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328210"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3427"
},
{
"category": "external",
"summary": "RHBZ#1328210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3427",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-12T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)"
},
{
"cve": "CVE-2016-3443",
"discovery_date": "2016-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328618"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3443"
},
{
"category": "external",
"summary": "RHBZ#1328618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3443",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3443"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)"
},
{
"cve": "CVE-2016-3449",
"discovery_date": "2016-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328619"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3449"
},
{
"category": "external",
"summary": "RHBZ#1328619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3449"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)"
}
]
}
Loading...