Updated java-1.8.0-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 7 Supplementary.Red Hat Product Security has rated this update as having Critical securityimpact. Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBMJava Software Development Kit.This update fixes several vulnerabilities in the IBM Java RuntimeEnvironment and the IBM Java Software Development Kit. Further informationabout these flaws can be found on the IBM Java Security alerts page, listedin the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-8126,CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475,CVE-2016-0483, CVE-2016-0494)Note: This update also disallows the use of the MD5 hash algorithm in thecertification path processing. The use of MD5 can be re-enabled by removingMD5 from the jdk.certpath.disabledAlgorithms security property defined inthe java.security file.All users of java-1.8.0-ibm are advised to upgrade to these updatedpackages, containing the IBM Java SE 8 SR2-FP10 release. All runninginstances of IBM Java must be restarted for the update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop Supplementary (v. 7)

x86_64:
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 257e77ef5fe84b83bf9fa39da916a838SHA-256: 8ed5b43025b8980d51bdf565bec21576d0fb6122db013c02aa97362d973994b2
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 25125ce1dd33ca63c8a84233067c62a9SHA-256: 35d5db3bb16d1ad98b04bac3011955f1ae57df2c9da45ae1e3e979ac2cbe6954
java-1.8.0-ibm-demo-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 57924654c13e3ad587ea1bbce29ff1aaSHA-256: 1ee6514da54170a561d87a17a2b4cce960b0f00d32169d6f015ef35569a0bf71
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 4b02e18ac171bc915c4a1117d19a7b3aSHA-256: ceb5084e5f0137545a2685ed5ecf3ae4ba88aa5ca569eec78ba9f4ab98c51552
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: e3379fa68ed6916850666c992522f918SHA-256: 3e2849869690e8072628be043d26f90a70df8716642d4d528d29e85c3db30b41
java-1.8.0-ibm-jdbc-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 1f2ee47691df783b3f9fad18fa1387c1SHA-256: e070df74e70d78bf7d258b319309e9601ab781204a2646858c9a1e44bff497f2
java-1.8.0-ibm-plugin-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 209111d88d83d7151b8c35aba738d84aSHA-256: 22a6012f34edf0d1b17bec1976b3781bb9cca770c26f9ce747e0badc746f293c
java-1.8.0-ibm-src-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 316e4bac2d2d871ad63fbd1840c04455SHA-256: 272c552c1fcc493e603c5869d98e79e255b3b986ba39731abe9c8a7c4b88c6e7
 
Red Hat Enterprise Linux HPC Node Supplementary (v. 7)

x86_64:
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 257e77ef5fe84b83bf9fa39da916a838SHA-256: 8ed5b43025b8980d51bdf565bec21576d0fb6122db013c02aa97362d973994b2
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 25125ce1dd33ca63c8a84233067c62a9SHA-256: 35d5db3bb16d1ad98b04bac3011955f1ae57df2c9da45ae1e3e979ac2cbe6954
java-1.8.0-ibm-demo-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 57924654c13e3ad587ea1bbce29ff1aaSHA-256: 1ee6514da54170a561d87a17a2b4cce960b0f00d32169d6f015ef35569a0bf71
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 4b02e18ac171bc915c4a1117d19a7b3aSHA-256: ceb5084e5f0137545a2685ed5ecf3ae4ba88aa5ca569eec78ba9f4ab98c51552
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: e3379fa68ed6916850666c992522f918SHA-256: 3e2849869690e8072628be043d26f90a70df8716642d4d528d29e85c3db30b41
java-1.8.0-ibm-src-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 316e4bac2d2d871ad63fbd1840c04455SHA-256: 272c552c1fcc493e603c5869d98e79e255b3b986ba39731abe9c8a7c4b88c6e7
 
Red Hat Enterprise Linux Server Supplementary (v. 7)

PPC:
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.ppc.rpm
    MD5: 4abde89c9c8aeaf20287ca3f24ee8839SHA-256: cd955b59cd091e122bdf40a16cca1a299c73cad994b529c5f309c40ba3cb5a5e
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.ppc64.rpm
    MD5: 65d4f2a94f884cb0f4d79f5c9e30e71dSHA-256: 7c1884cf688af7cd4a58c7b39e94ce8aa7ea72a3aab4bff4e8e83fb2a8d91520
java-1.8.0-ibm-demo-1.8.0.2.10-1jpp.1.el7.ppc64.rpm
    MD5: b268f9763a708fd3485d5baf3ce758d4SHA-256: 8215fe6eb8c048b866cd396d334bfb324339fc8d60cfb56ebb3bc647fff277b9
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.ppc.rpm
    MD5: ca4e047da084a48aad82ba9b779bb8a7SHA-256: 96081c98b1224ebeb5c48274db31cf3ef796e80e4e4bb7641f87940ff83d22ee
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.ppc64.rpm
    MD5: 9750b1fcfec74eaeecac038e25907612SHA-256: c25447ec0124464fa6cacf05253ced51fe0d7d6c160b3be11fdc215a98b76e8a
java-1.8.0-ibm-jdbc-1.8.0.2.10-1jpp.1.el7.ppc64.rpm
    MD5: d13b462091a49371bd6d8da6b5e8e592SHA-256: 77d6b0abb9ed049b20c45a596d767668b9c693ea626e0e4e26b497e013cb6aeb
java-1.8.0-ibm-plugin-1.8.0.2.10-1jpp.1.el7.ppc64.rpm
    MD5: ba7ed833f3281040cfafc8eae2b0b034SHA-256: 0f164911f967bc9027831250b6aed672fbf41e63f079061224781cc0a7d82be3
java-1.8.0-ibm-src-1.8.0.2.10-1jpp.1.el7.ppc64.rpm
    MD5: ca9712c098d5ad53d290b0a649c26e3eSHA-256: b8a0f776b60697bc18b962f3ceb0c941245b44580d0cbe489e3404cc5bc502b3
 
s390x:
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.s390.rpm
    MD5: 1e1830ea9b56d8dfaf0f9c586592b70aSHA-256: e342af72178693b2ed58c2396c9461998f8765ecd3219e479f796c465c85afad
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.s390x.rpm
    MD5: 1fcc9be0dc5594bc0ce1ab7c0abb23adSHA-256: f2a19789b2072a3b289a492996403940a5e900d9e0d6d2a2d5a06b6185ecf36d
java-1.8.0-ibm-demo-1.8.0.2.10-1jpp.1.el7.s390x.rpm
    MD5: c0a3812114b0597180b1aeb80842edbbSHA-256: 3791318288ba2ea4bd782a5c79adfe1be5e2f426c9f763813f40e04d9adf8b12
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.s390.rpm
    MD5: 627bfe9444d7a8088a96805edbeb00f4SHA-256: b968ead8865c4b5fa99f23777c5da1ce261bb8a2848753c6542b11ba3f910a0d
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.s390x.rpm
    MD5: 15d2f82471e440a07621e07aff6e1b87SHA-256: eed66ad51a21fa23019fd7edc0f20ffcbca9a8c17c28519ac9301f8e3461a9e5
java-1.8.0-ibm-jdbc-1.8.0.2.10-1jpp.1.el7.s390x.rpm
    MD5: ff460ca27cac02d0fe11894bbc70de53SHA-256: b1dd144f73636cb35272ae43f81bb7f2a9833ad581b07ccc7eb23b85ce54e453
java-1.8.0-ibm-src-1.8.0.2.10-1jpp.1.el7.s390x.rpm
    MD5: 6e1ddd33c888fac2f4b80b96e380d2b6SHA-256: bdf97f1466b15c7eae3d2984fcc0f6e1acb0ab7559706bdf198a990943b6174c
 
x86_64:
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 257e77ef5fe84b83bf9fa39da916a838SHA-256: 8ed5b43025b8980d51bdf565bec21576d0fb6122db013c02aa97362d973994b2
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 25125ce1dd33ca63c8a84233067c62a9SHA-256: 35d5db3bb16d1ad98b04bac3011955f1ae57df2c9da45ae1e3e979ac2cbe6954
java-1.8.0-ibm-demo-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 57924654c13e3ad587ea1bbce29ff1aaSHA-256: 1ee6514da54170a561d87a17a2b4cce960b0f00d32169d6f015ef35569a0bf71
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 4b02e18ac171bc915c4a1117d19a7b3aSHA-256: ceb5084e5f0137545a2685ed5ecf3ae4ba88aa5ca569eec78ba9f4ab98c51552
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: e3379fa68ed6916850666c992522f918SHA-256: 3e2849869690e8072628be043d26f90a70df8716642d4d528d29e85c3db30b41
java-1.8.0-ibm-jdbc-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 1f2ee47691df783b3f9fad18fa1387c1SHA-256: e070df74e70d78bf7d258b319309e9601ab781204a2646858c9a1e44bff497f2
java-1.8.0-ibm-plugin-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 209111d88d83d7151b8c35aba738d84aSHA-256: 22a6012f34edf0d1b17bec1976b3781bb9cca770c26f9ce747e0badc746f293c
java-1.8.0-ibm-src-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 316e4bac2d2d871ad63fbd1840c04455SHA-256: 272c552c1fcc493e603c5869d98e79e255b3b986ba39731abe9c8a7c4b88c6e7
 
Red Hat Enterprise Linux Workstation Supplementary (v. 7)

x86_64:
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 257e77ef5fe84b83bf9fa39da916a838SHA-256: 8ed5b43025b8980d51bdf565bec21576d0fb6122db013c02aa97362d973994b2
java-1.8.0-ibm-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 25125ce1dd33ca63c8a84233067c62a9SHA-256: 35d5db3bb16d1ad98b04bac3011955f1ae57df2c9da45ae1e3e979ac2cbe6954
java-1.8.0-ibm-demo-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 57924654c13e3ad587ea1bbce29ff1aaSHA-256: 1ee6514da54170a561d87a17a2b4cce960b0f00d32169d6f015ef35569a0bf71
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.i686.rpm
    MD5: 4b02e18ac171bc915c4a1117d19a7b3aSHA-256: ceb5084e5f0137545a2685ed5ecf3ae4ba88aa5ca569eec78ba9f4ab98c51552
java-1.8.0-ibm-devel-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: e3379fa68ed6916850666c992522f918SHA-256: 3e2849869690e8072628be043d26f90a70df8716642d4d528d29e85c3db30b41
java-1.8.0-ibm-jdbc-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 1f2ee47691df783b3f9fad18fa1387c1SHA-256: e070df74e70d78bf7d258b319309e9601ab781204a2646858c9a1e44bff497f2
java-1.8.0-ibm-plugin-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 209111d88d83d7151b8c35aba738d84aSHA-256: 22a6012f34edf0d1b17bec1976b3781bb9cca770c26f9ce747e0badc746f293c
java-1.8.0-ibm-src-1.8.0.2.10-1jpp.1.el7.x86_64.rpm
    MD5: 316e4bac2d2d871ad63fbd1840c04455SHA-256: 272c552c1fcc493e603c5869d98e79e255b3b986ba39731abe9c8a7c4b88c6e7
 
(The unlinked packages above are only available from the Red Hat Network)
1281756 – CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions1289841 – CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)1298906 – CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)1298949 – CVE-2016-0475 OpenJDK: PBE incorrect key lengths (Libraries, 8138589)1298957 – CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054)1299073 – CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710)1299385 – CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)1299441 – CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)1302689 – CVE-2015-5041 IBM JDK: J9 JVM allows code to invoke non-public interface methods

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from: