Updated java-1.7.0-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 Supplementary.Red Hat Product Security has rated this update as having Critical securityimpact. Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.

IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBMJava Software Development Kit.This update fixes several vulnerabilities in the IBM Java RuntimeEnvironment and the IBM Java Software Development Kit. Detailedvulnerability descriptions are linked from the IBM Security alertspage, listed in the References section. (CVE-2014-6549, CVE-2014-6585,CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-8891, CVE-2014-8892,CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410,CVE-2015-0412)All users of java-1.7.0-ibm are advised to upgrade to these updatedpackages, containing the IBM Java SE 7 SR8-FP10 release. All runninginstances of IBM Java must be restarted for the update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/articles/11258RHEL Desktop Supplementary (v. 5 client)

IA-32:
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 85fabfb2d67527dd16ba739654c473d4SHA-256: 24d50ffd3dd2a8644c708782ca62cf1ce1c6228716736bb4920dfd5b5e8bda04
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 402f39e8b2ecd372e6939a5aac370f15SHA-256: 7ea4806982dd1e60660810626bed12c880ae2e0e99928a88366442aeeb5cfba8
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: bebe6021bdcfc034968b4da4af59434dSHA-256: 3a662390896f36e80aa676b41ce0a728f787916b98c2e8304afb8384a076bf05
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: a4963b398f96bc7caa1706123bc0318fSHA-256: 8c339cc93fe939eb93e392b0c079e80d2baaf45dd4b32d1f20c73ae1345659cc
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 4aeff5a685f9c1088f8c0df219891954SHA-256: eb03b26d9a162cf0c1289cb0d5ddef777846ca8f4f057bab8c4e3b5415ff1d1d
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 31cd70b360338103943f1cdcf49b2960SHA-256: 7a2851476ac325d97189d9c5392b39209e8c92362e647b5d0251fbb49b3e1069
 
x86_64:
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 85fabfb2d67527dd16ba739654c473d4SHA-256: 24d50ffd3dd2a8644c708782ca62cf1ce1c6228716736bb4920dfd5b5e8bda04
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: d4178c59e9989124d35ca9815cc739d8SHA-256: c4d9bafcb377e7546322fcda10f4f21e7704b3dd9830c394162e8392f56f2089
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 402f39e8b2ecd372e6939a5aac370f15SHA-256: 7ea4806982dd1e60660810626bed12c880ae2e0e99928a88366442aeeb5cfba8
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: c9d77f4a11b9b7f8fd19bd7d43845018SHA-256: ce93ccf28ee9759f5f41d654471837d769dcd2e4d3a1a0fc994f8505a7c72027
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: bebe6021bdcfc034968b4da4af59434dSHA-256: 3a662390896f36e80aa676b41ce0a728f787916b98c2e8304afb8384a076bf05
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: 22d55f1809d6bd7e8b7b0009c147981bSHA-256: fda4a93d38d1893c1f2ba88f53b8c2d1b43cd52c5bf6620e4579924f4c5766fb
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: a4963b398f96bc7caa1706123bc0318fSHA-256: 8c339cc93fe939eb93e392b0c079e80d2baaf45dd4b32d1f20c73ae1345659cc
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: c772db132f1c213ae713b59c751ff165SHA-256: ff570e20eaccb4a1c0fad18e4c8f4636867abb884810e68af8aa80fa6cfe8f31
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 4aeff5a685f9c1088f8c0df219891954SHA-256: eb03b26d9a162cf0c1289cb0d5ddef777846ca8f4f057bab8c4e3b5415ff1d1d
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: f908cb4595981977c0e5f6677cc89ccaSHA-256: adb2607f0e63031ca120dfdd08b5c5e9672bf11851be7dbbd25b3fb29a57745e
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 31cd70b360338103943f1cdcf49b2960SHA-256: 7a2851476ac325d97189d9c5392b39209e8c92362e647b5d0251fbb49b3e1069
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: 359624d6a96cc156b881639f6c50846fSHA-256: bfdd010ee97b13c25317e714d1c2bc10b657a55370137411b7eb20904c94995f
 
RHEL Supplementary (v. 5 server)

IA-32:
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 85fabfb2d67527dd16ba739654c473d4SHA-256: 24d50ffd3dd2a8644c708782ca62cf1ce1c6228716736bb4920dfd5b5e8bda04
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 402f39e8b2ecd372e6939a5aac370f15SHA-256: 7ea4806982dd1e60660810626bed12c880ae2e0e99928a88366442aeeb5cfba8
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: bebe6021bdcfc034968b4da4af59434dSHA-256: 3a662390896f36e80aa676b41ce0a728f787916b98c2e8304afb8384a076bf05
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: a4963b398f96bc7caa1706123bc0318fSHA-256: 8c339cc93fe939eb93e392b0c079e80d2baaf45dd4b32d1f20c73ae1345659cc
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 4aeff5a685f9c1088f8c0df219891954SHA-256: eb03b26d9a162cf0c1289cb0d5ddef777846ca8f4f057bab8c4e3b5415ff1d1d
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 31cd70b360338103943f1cdcf49b2960SHA-256: 7a2851476ac325d97189d9c5392b39209e8c92362e647b5d0251fbb49b3e1069
 
PPC:
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.ppc.rpm
    MD5: 9da11b7ff3db6e549356b09b422b91f7SHA-256: 471f995e30c50cfe1f1a95b81de66f49a2d9d5f1e53120dc96e4ed0cacb9bb7a
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.ppc64.rpm
    MD5: 9e1977ce34d8a025dff73ac3d72a28adSHA-256: acbece6e98060714b3b5191cbb12a46d4465e0437010b77d178dc1b803cb971a
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.ppc.rpm
    MD5: 3a3700e532284b6f066b083e25ae3480SHA-256: 7afd9599174b548f2cc5780522f08ce83e1580f95ceda06a31eecffe6843a931
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.ppc64.rpm
    MD5: e99449d09e5db62fbb8494bf550bff29SHA-256: 07b58f7e81a349aa8d50e0a1f7e7cfb784a29cd26c9d5dde28ddddab98d5f2c3
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.ppc.rpm
    MD5: b8502b722ff00293c1d3e80b2ec6522eSHA-256: ffc61b90f9ecdc43c024964922446227d27a702d1eaaf0ecf9942833e48fdf78
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.ppc64.rpm
    MD5: f8a63afcded5b7beede3583e3bbf4c9aSHA-256: 596948976294de57b9b0caf3c6bc8e2d627c4beb256e2484d3137674b2f8b56a
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.ppc.rpm
    MD5: 42833ecdfe5cb8b9eb8121ee26b3b02bSHA-256: b683676f7ab51e9af97d4006d484ec5b458a158f6cfac7a3b29139569516eec6
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.ppc64.rpm
    MD5: dd0bcf5c30b59f0d224b72c811e18118SHA-256: a7dc30dbed4f1532c1cbbd2e6ef7d7d975c922fe2f5340887452255e85f55940
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.ppc.rpm
    MD5: 0ac8efc1f2b6219ec15976a7724b5033SHA-256: 9cc6ab488419e87ced1acc7907c8fc2dcdc36bc6824af8319f375e6044ee0ccd
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.ppc.rpm
    MD5: 85243d15c286657013762f6d4dc93a86SHA-256: 9881a23f4069209eac6f987dea7b0b1902280db3b0eb9bcd8b5f72a6621b1937
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.ppc64.rpm
    MD5: f04bf68428a9c01b8fa64c9d3c4abce5SHA-256: 96eb902cdc92b10412fe07582f6c4ca8e390d4d1f87e67cfb26f1ae2ebe104bb
 
s390x:
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.s390.rpm
    MD5: 8b12f88b997fceef8d81d9203646217dSHA-256: c0d1e3c02de6e9205558628b3436431257c55f427c4a4573d12947070cf1b4c7
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.s390x.rpm
    MD5: 7c923807978a0ce12f9243d6619cbf97SHA-256: 6363e7ebc395d4ae01208ca2e8d63dea043fa344fbe7be96c34fc7d6a6366521
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.s390.rpm
    MD5: 1a162afe0347c964de59d3299f993a3dSHA-256: 4d5853f150570d026d74bfabdf44281fe5218ae5826c4902d260c0134bd560d6
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.s390x.rpm
    MD5: 7a20170767f72f19a323d1c0da9d2060SHA-256: e636211b44a7e06452f6aeec045f610e66ffb5e44d102186e078ba7a41886d7f
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.s390.rpm
    MD5: bd20e80ba4c72450384767fc1f5de222SHA-256: 635e50999603bfc6f5f6d80f6a254d91f7406d5ee4c86a39985c5677cecd0c26
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.s390x.rpm
    MD5: 7ac02b7b7ad279a158f1d8d343737668SHA-256: 927776b980c20fdcd63f76bff947cdd5d6ad1eaf0465e70922a762e2098df741
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.s390.rpm
    MD5: c41f2862abedabb9608f249310232d64SHA-256: b679bc0afed4eb012600674c1680797066d0cc7f8a96a2981720a5b46e84f371
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.s390x.rpm
    MD5: d03f647ec722a4dc96acf97532d70b90SHA-256: edbc2aac9b8ac834fde636f172ffe4722d78576769c0d794dfb60a4afa7e36e3
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.s390.rpm
    MD5: 00d0bab726e5dbf8e2c520af7a56546fSHA-256: e31fde795a8d19d00e3f8463d786bd828bce4b4f3571fbd0700fcd0511d2ee5f
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.s390x.rpm
    MD5: 2801b89f001c01292809347ca44d95adSHA-256: e5d4cc81ea3e1b29e4cdab7da691dd95f37ea039980c5d8908c146efdb2b387d
 
x86_64:
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 85fabfb2d67527dd16ba739654c473d4SHA-256: 24d50ffd3dd2a8644c708782ca62cf1ce1c6228716736bb4920dfd5b5e8bda04
java-1.7.0-ibm-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: d4178c59e9989124d35ca9815cc739d8SHA-256: c4d9bafcb377e7546322fcda10f4f21e7704b3dd9830c394162e8392f56f2089
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 402f39e8b2ecd372e6939a5aac370f15SHA-256: 7ea4806982dd1e60660810626bed12c880ae2e0e99928a88366442aeeb5cfba8
java-1.7.0-ibm-demo-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: c9d77f4a11b9b7f8fd19bd7d43845018SHA-256: ce93ccf28ee9759f5f41d654471837d769dcd2e4d3a1a0fc994f8505a7c72027
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: bebe6021bdcfc034968b4da4af59434dSHA-256: 3a662390896f36e80aa676b41ce0a728f787916b98c2e8304afb8384a076bf05
java-1.7.0-ibm-devel-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: 22d55f1809d6bd7e8b7b0009c147981bSHA-256: fda4a93d38d1893c1f2ba88f53b8c2d1b43cd52c5bf6620e4579924f4c5766fb
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: a4963b398f96bc7caa1706123bc0318fSHA-256: 8c339cc93fe939eb93e392b0c079e80d2baaf45dd4b32d1f20c73ae1345659cc
java-1.7.0-ibm-jdbc-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: c772db132f1c213ae713b59c751ff165SHA-256: ff570e20eaccb4a1c0fad18e4c8f4636867abb884810e68af8aa80fa6cfe8f31
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 4aeff5a685f9c1088f8c0df219891954SHA-256: eb03b26d9a162cf0c1289cb0d5ddef777846ca8f4f057bab8c4e3b5415ff1d1d
java-1.7.0-ibm-plugin-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: f908cb4595981977c0e5f6677cc89ccaSHA-256: adb2607f0e63031ca120dfdd08b5c5e9672bf11851be7dbbd25b3fb29a57745e
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.i386.rpm
    MD5: 31cd70b360338103943f1cdcf49b2960SHA-256: 7a2851476ac325d97189d9c5392b39209e8c92362e647b5d0251fbb49b3e1069
java-1.7.0-ibm-src-1.7.0.8.10-1jpp.4.el5.x86_64.rpm
    MD5: 359624d6a96cc156b881639f6c50846fSHA-256: bfdd010ee97b13c25317e714d1c2bc10b657a55370137411b7eb20904c94995f
 
(The unlinked packages above are only available from the Red Hat Network)
1183021 – CVE-2015-0412 OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)1183023 – CVE-2015-0408 OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)1183043 – CVE-2015-0407 OpenJDK: directory information leak via file chooser (Swing, 8055304)1183044 – CVE-2015-0410 OpenJDK: DER decoder infinite loop (Security, 8059485)1183049 – CVE-2014-6593 OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)1183645 – CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489)1183646 – CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)1183660 – CVE-2014-6549 OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)1183715 – CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264)1184275 – CVE-2015-0403 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)1184277 – CVE-2015-0406 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)1189142 – CVE-2014-8891 IBM JDK: unspecified full Java sandbox bypass fixed in Feb 2015 update1189145 – CVE-2014-8892 IBM JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply