RHSA-2016_1430
Vulnerability from csaf_redhat - Published: 2016-07-18 13:51 - Updated: 2024-12-01 12:02Summary
Red Hat Security Advisory: java-1.7.0-ibm and java-1.7.1-ibm security update
Severity
Moderate
Notes
Topic: An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40.
Security Fix(es):
* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the
CVE-2015-4806 issue.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
6.9 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
5.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.
2.1 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.
5.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.
5.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image.
4.0 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.
5.1 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.
5.1 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.
5.1 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.
5.0 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.
4.3 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag.
2.6 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.
6.8 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.
5.1 ()
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java.
https://access.redhat.com/errata/RHSA-2016:1430
References
Acknowledgments
Truel IT
Andrea Palazzo
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)\n\nRed Hat would like to thank Andrea Palazzo of Truel IT for reporting the\nCVE-2015-4806 issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1430",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1233687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233687"
},
{
"category": "external",
"summary": "1273022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273022"
},
{
"category": "external",
"summary": "1273053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273053"
},
{
"category": "external",
"summary": "1273304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273304"
},
{
"category": "external",
"summary": "1273308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273308"
},
{
"category": "external",
"summary": "1273311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273311"
},
{
"category": "external",
"summary": "1273318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318"
},
{
"category": "external",
"summary": "1273338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273338"
},
{
"category": "external",
"summary": "1273414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273414"
},
{
"category": "external",
"summary": "1273425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273425"
},
{
"category": "external",
"summary": "1273430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273430"
},
{
"category": "external",
"summary": "1273496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273496"
},
{
"category": "external",
"summary": "1273637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273637"
},
{
"category": "external",
"summary": "1273638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273638"
},
{
"category": "external",
"summary": "1273734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273734"
},
{
"category": "external",
"summary": "1273858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273858"
},
{
"category": "external",
"summary": "1273859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273859"
},
{
"category": "external",
"summary": "1273860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273860"
},
{
"category": "external",
"summary": "1276416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276416"
},
{
"category": "external",
"summary": "1281756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756"
},
{
"category": "external",
"summary": "1282379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282379"
},
{
"category": "external",
"summary": "1289841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841"
},
{
"category": "external",
"summary": "1291312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291312"
},
{
"category": "external",
"summary": "1298906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906"
},
{
"category": "external",
"summary": "1298957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298957"
},
{
"category": "external",
"summary": "1299073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299073"
},
{
"category": "external",
"summary": "1299385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299385"
},
{
"category": "external",
"summary": "1299441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299441"
},
{
"category": "external",
"summary": "1302689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302689"
},
{
"category": "external",
"summary": "1324044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044"
},
{
"category": "external",
"summary": "1327743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743"
},
{
"category": "external",
"summary": "1327749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749"
},
{
"category": "external",
"summary": "1328059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059"
},
{
"category": "external",
"summary": "1328210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210"
},
{
"category": "external",
"summary": "1328618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618"
},
{
"category": "external",
"summary": "1328619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619"
},
{
"category": "external",
"summary": "1328620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620"
},
{
"category": "external",
"summary": "1330986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986"
},
{
"category": "external",
"summary": "1331359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359"
},
{
"category": "external",
"summary": "1351695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351695"
},
{
"category": "external",
"summary": "1353209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353209"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1430.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.0-ibm and java-1.7.1-ibm security update",
"tracking": {
"current_release_date": "2024-12-01T12:02:40+00:00",
"generator": {
"date": "2024-12-01T12:02:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:1430",
"initial_release_date": "2016-07-18T13:51:35+00:00",
"revision_history": [
{
"date": "2016-07-18T13:51:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-07-18T13:51:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-01T12:02:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.7 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.7::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_id": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.9.40-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.3.40-1jpp.1.el6_7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"product": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el5sat.src",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.src",
"product_id": "spacewalk-java-0:2.0.2-109.el5sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el5sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.3.8-146.el6sat.src",
"product": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.src",
"product_id": "spacewalk-java-0:2.3.8-146.el6sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.3.8-146.el6sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el6sat.src",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.src",
"product_id": "spacewalk-java-0:2.0.2-109.el6sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el6sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_id": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.9.40-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_id": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.9.40-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_id": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.3.40-1jpp.1.el6_7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.3.40-1jpp.1.el6_7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-lib@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-config@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"product": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"product_id": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.0.2-109.el5sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-config@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"product": {
"name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"product_id": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-lib@2.3.8-146.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-lib@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-postgresql@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-oracle@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-taskomatic@2.0.2-109.el6sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"product": {
"name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"product_id": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spacewalk-java-config@2.0.2-109.el6sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x"
},
"product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src"
},
"product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x"
},
"product_reference": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el5sat.src as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el5sat.src",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch"
},
"product_reference": "spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.0.2-109.el6sat.src as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src"
},
"product_reference": "spacewalk-java-0:2.0.2-109.el6sat.src",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch"
},
"product_reference": "spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-0:2.3.8-146.el6sat.src as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src"
},
"product_reference": "spacewalk-java-0:2.3.8-146.el6sat.src",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
},
"product_reference": "spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch",
"relates_to_product_reference": "6Server-Satellite57"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-4734",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273430"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: kerberos realm name leak (JGSS, 8048030)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4734"
},
{
"category": "external",
"summary": "RHBZ#1273430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4734",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4734"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: kerberos realm name leak (JGSS, 8048030)"
},
{
"cve": "CVE-2015-4803",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273637"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4803"
},
{
"category": "external",
"summary": "RHBZ#1273637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4803",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4803"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)"
},
{
"cve": "CVE-2015-4805",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273311"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4805"
},
{
"category": "external",
"summary": "RHBZ#1273311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273311"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4805"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)"
},
{
"acknowledgments": [
{
"names": [
"Andrea Palazzo"
],
"organization": "Truel IT"
}
],
"cve": "CVE-2015-4806",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2015-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1233687"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4806"
},
{
"category": "external",
"summary": "RHBZ#1233687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4806"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)"
},
{
"cve": "CVE-2015-4810",
"discovery_date": "2015-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273858"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4810"
},
{
"category": "external",
"summary": "RHBZ#1273858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4810",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4810"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)"
},
{
"cve": "CVE-2015-4835",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273022"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4835"
},
{
"category": "external",
"summary": "RHBZ#1273022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4835",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4835"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)"
},
{
"cve": "CVE-2015-4840",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273338"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: OOB access in CMS code (2D, 8086092)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4840"
},
{
"category": "external",
"summary": "RHBZ#1273338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4840",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4840"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: OOB access in CMS code (2D, 8086092)"
},
{
"cve": "CVE-2015-4842",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273425"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: leak of user.dir location (JAXP, 8078427)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4842"
},
{
"category": "external",
"summary": "RHBZ#1273425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273425"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4842",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4842"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: leak of user.dir location (JAXP, 8078427)"
},
{
"cve": "CVE-2015-4843",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273053"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4843"
},
{
"category": "external",
"summary": "RHBZ#1273053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4843",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4843"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)"
},
{
"cve": "CVE-2015-4844",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273318"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4844"
},
{
"category": "external",
"summary": "RHBZ#1273318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4844",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4844"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)"
},
{
"cve": "CVE-2015-4860",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273308"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4860"
},
{
"category": "external",
"summary": "RHBZ#1273308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273308"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4860",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4860"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)"
},
{
"cve": "CVE-2015-4871",
"discovery_date": "2015-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273859"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4871"
},
{
"category": "external",
"summary": "RHBZ#1273859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273859"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4871",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4871"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)"
},
{
"cve": "CVE-2015-4872",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273734"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4872"
},
{
"category": "external",
"summary": "RHBZ#1273734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4872",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4872"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)"
},
{
"cve": "CVE-2015-4882",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273414"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4882"
},
{
"category": "external",
"summary": "RHBZ#1273414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4882",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4882"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)"
},
{
"cve": "CVE-2015-4883",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273304"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4883"
},
{
"category": "external",
"summary": "RHBZ#1273304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4883"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)"
},
{
"cve": "CVE-2015-4893",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273638"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4893"
},
{
"category": "external",
"summary": "RHBZ#1273638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4893",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4893"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)"
},
{
"cve": "CVE-2015-4902",
"discovery_date": "2015-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273860"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4902"
},
{
"category": "external",
"summary": "RHBZ#1273860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273860"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4902",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4902"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4902",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4902"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)"
},
{
"cve": "CVE-2015-4903",
"discovery_date": "2015-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1273496"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-4903"
},
{
"category": "external",
"summary": "RHBZ#1273496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-4903",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-4903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4903"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA"
}
],
"release_date": "2015-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)"
},
{
"cve": "CVE-2015-5006",
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1282379"
}
],
"notes": [
{
"category": "description",
"text": "IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: local disclosure of kerberos credentials cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5006"
},
{
"category": "external",
"summary": "RHBZ#1282379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5006",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5006"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5006",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5006"
}
],
"release_date": "2015-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: local disclosure of kerberos credentials cache"
},
{
"cve": "CVE-2015-5041",
"discovery_date": "2016-01-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1302689"
}
],
"notes": [
{
"category": "description",
"text": "The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: J9 JVM allows code to invoke non-public interface methods",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5041"
},
{
"category": "external",
"summary": "RHBZ#1302689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5041",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5041"
}
],
"release_date": "2016-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: J9 JVM allows code to invoke non-public interface methods"
},
{
"cve": "CVE-2015-7575",
"discovery_date": "2015-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1289841"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "RHBZ#1289841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7575",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7575"
},
{
"category": "external",
"summary": "http://www.mitls.org/pages/attacks/SLOTH",
"url": "http://www.mitls.org/pages/attacks/SLOTH"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2112261",
"url": "https://access.redhat.com/articles/2112261"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/"
}
],
"release_date": "2016-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)"
},
{
"cve": "CVE-2015-7981",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2015-10-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1276416"
}
],
"notes": [
{
"category": "description",
"text": "An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: Out-of-bounds read in png_convert_to_rfc1123",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7981"
},
{
"category": "external",
"summary": "RHBZ#1276416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7981",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7981"
}
],
"release_date": "2015-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libpng: Out-of-bounds read in png_convert_to_rfc1123"
},
{
"cve": "CVE-2015-8126",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1281756"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8126"
},
{
"category": "external",
"summary": "RHBZ#1281756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8126",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8126"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8126",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8126"
}
],
"release_date": "2015-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions"
},
{
"cve": "CVE-2015-8472",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1281756"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8472"
},
{
"category": "external",
"summary": "RHBZ#1281756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8472",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8472"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8472",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8472"
}
],
"release_date": "2015-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions"
},
{
"cve": "CVE-2015-8540",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2015-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1291312"
}
],
"notes": [
{
"category": "description",
"text": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: underflow read in png_check_keyword()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8540"
},
{
"category": "external",
"summary": "RHBZ#1291312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291312"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8540",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8540"
}
],
"release_date": "2015-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libpng: underflow read in png_check_keyword()"
},
{
"cve": "CVE-2016-0264",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2016-04-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1331359"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: buffer overflow vulnerability in the IBM JVM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0264"
},
{
"category": "external",
"summary": "RHBZ#1331359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016"
}
],
"release_date": "2016-04-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: buffer overflow vulnerability in the IBM JVM"
},
{
"cve": "CVE-2016-0363",
"discovery_date": "2016-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1324044"
}
],
"notes": [
{
"category": "description",
"text": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0363"
},
{
"category": "external",
"summary": "RHBZ#1324044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0363",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016"
}
],
"release_date": "2016-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix"
},
{
"cve": "CVE-2016-0376",
"discovery_date": "2016-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1330986"
}
],
"notes": [
{
"category": "description",
"text": "The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0376"
},
{
"category": "external",
"summary": "RHBZ#1330986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0376",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0376"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016"
}
],
"release_date": "2016-04-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix"
},
{
"cve": "CVE-2016-0402",
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1298957"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: URL deserialization inconsistencies (Networking, 8059054)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0402"
},
{
"category": "external",
"summary": "RHBZ#1298957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298957"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0402",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0402"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: URL deserialization inconsistencies (Networking, 8059054)"
},
{
"cve": "CVE-2016-0448",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1299073"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: logging of RMI connection secrets (JMX, 8130710)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0448"
},
{
"category": "external",
"summary": "RHBZ#1299073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299073"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0448"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: logging of RMI connection secrets (JMX, 8130710)"
},
{
"cve": "CVE-2016-0466",
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1299385"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0466"
},
{
"category": "external",
"summary": "RHBZ#1299385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0466"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0466",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0466"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)"
},
{
"cve": "CVE-2016-0483",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1299441"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0483"
},
{
"category": "external",
"summary": "RHBZ#1299441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299441"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0483"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)"
},
{
"cve": "CVE-2016-0494",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2016-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1298906"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0494"
},
{
"category": "external",
"summary": "RHBZ#1298906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)"
},
{
"cve": "CVE-2016-0686",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1327743"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0686"
},
{
"category": "external",
"summary": "RHBZ#1327743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0686",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0686"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)"
},
{
"cve": "CVE-2016-0687",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1327749"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0687"
},
{
"category": "external",
"summary": "RHBZ#1327749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)"
},
{
"cve": "CVE-2016-3422",
"discovery_date": "2016-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328620"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3422"
},
{
"category": "external",
"summary": "RHBZ#1328620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3422",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)"
},
{
"cve": "CVE-2016-3426",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328059"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3426"
},
{
"category": "external",
"summary": "RHBZ#1328059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)"
},
{
"cve": "CVE-2016-3427",
"discovery_date": "2016-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328210"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3427"
},
{
"category": "external",
"summary": "RHBZ#1328210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3427",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-12T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)"
},
{
"cve": "CVE-2016-3443",
"discovery_date": "2016-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328618"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3443"
},
{
"category": "external",
"summary": "RHBZ#1328618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3443",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3443"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)"
},
{
"cve": "CVE-2016-3449",
"discovery_date": "2016-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1328619"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3449"
},
{
"category": "external",
"summary": "RHBZ#1328619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3449"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA"
}
],
"release_date": "2016-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T13:51:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of IBM Java.",
"product_ids": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.src",
"5Server-Satellite56:java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.7.0-ibm-devel-1:1.7.0.9.40-1jpp.1.el5.x86_64",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-0:2.0.2-109.el5sat.src",
"5Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el5sat.noarch",
"5Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el5sat.noarch",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-0:2.0.2-109.el6sat.src",
"6Server-Satellite56:spacewalk-java-config-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-lib-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-oracle-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-java-postgresql-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite56:spacewalk-taskomatic-0:2.0.2-109.el6sat.noarch",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.src",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.3.40-1jpp.1.el6_7.x86_64",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-0:2.3.8-146.el6sat.src",
"6Server-Satellite57:spacewalk-java-config-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-lib-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-oracle-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-java-postgresql-0:2.3.8-146.el6sat.noarch",
"6Server-Satellite57:spacewalk-taskomatic-0:2.3.8-146.el6sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…