An update for java-1.7.0-ibm is now available for Red Hat Enterprise Linux 5Supplementary.Red Hat Product Security has rated this update as having a security impact ofCritical.

A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM JavaSoftware Development Kit.This update upgrades IBM Java SE 7 to version 7 SR9-FP40.Security Fix(es):* This update fixes multiple vulnerabilities in the IBM Java Runtime Environmentand the IBM Java Software Development Kit.

Further information about these flawscan be found on the IBM Java Security alerts page, listed in the Referencessection. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686,CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443,CVE-2016-3449)
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258All running instances of IBM Java must be restarted for this update to takeeffect.RHEL Desktop Supplementary (v. 5 client)

IA-32:
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 97caf37e08301fd300db9f466043e66cSHA-256: 3775bbebb1805a500da89620361e0277fc12cd28a383fe0095f5c2785cc2d00a
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 04a7e75989de9d9081a2460ab4690a80SHA-256: 46738acc2f00d391761a5e5b1d5453f4b98c5fc023787d145744d5f2b5d7e6b5
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 15c119eb97fa7598cd20077dbd3c960fSHA-256: 81101fc08088e003ba84e9b2ba09a0ec1df0e7b4d4d110d02f82847b74f36b76
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: d458b096c9e92bf627cadc66b05f4f3dSHA-256: b34d752f2b8ab3c110b6db6fb4c9381b6f5d998486754d5390f64f68d7b88104
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 773880b0a5e5eda619509147bb90041cSHA-256: 9f592df552b9bfd53662f018a0557f0c29db349c6fd4a9a498b545c8b4d6c88e
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 90128df73c8d89963394e2e7437d70f7SHA-256: cf836a36a5a94ba8ca333d898477f0d309f2edabad79821541d4c831364660c9
 
x86_64:
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 97caf37e08301fd300db9f466043e66cSHA-256: 3775bbebb1805a500da89620361e0277fc12cd28a383fe0095f5c2785cc2d00a
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: d14e39a17230e608fdc0b2aed1467b09SHA-256: fd49c9b763f60d8a85378342932584291ccb55b920443f89edff242be26ac71b
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 04a7e75989de9d9081a2460ab4690a80SHA-256: 46738acc2f00d391761a5e5b1d5453f4b98c5fc023787d145744d5f2b5d7e6b5
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: e9c5978f719e278d9f1f10ce5e0f1309SHA-256: a66df5d05823a760fe02640fdcf46f49cb258d7d12c02fa492d5b8fab1236e43
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 15c119eb97fa7598cd20077dbd3c960fSHA-256: 81101fc08088e003ba84e9b2ba09a0ec1df0e7b4d4d110d02f82847b74f36b76
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 931b8d76343a8296760b7a2719b92f41SHA-256: f4babb3c1ac660cf0fe1b9914f7a039681d548e0740b32ad7c1d1cb34ec20cd1
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: d458b096c9e92bf627cadc66b05f4f3dSHA-256: b34d752f2b8ab3c110b6db6fb4c9381b6f5d998486754d5390f64f68d7b88104
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 436131e53a8c2891aae2cc54aef26b6fSHA-256: a858c939c5e99fb5b2219059b8686062beeb74af70f6e1fa12426205f3d22b66
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 773880b0a5e5eda619509147bb90041cSHA-256: 9f592df552b9bfd53662f018a0557f0c29db349c6fd4a9a498b545c8b4d6c88e
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 6ab4c3735c90f313468e6540db22f5e6SHA-256: 2940e7712561184803c158dd4bed39d5c129bec768304203705e0fa44aeb6273
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 90128df73c8d89963394e2e7437d70f7SHA-256: cf836a36a5a94ba8ca333d898477f0d309f2edabad79821541d4c831364660c9
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 0f797d3458a7b12b01e5113ad78ee386SHA-256: a63dc5731e936485bfdfe54a0cd1c37586f23ed73e4b987ca1a08f7445cc0190
 
RHEL Supplementary (v. 5 server)

IA-32:
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 97caf37e08301fd300db9f466043e66cSHA-256: 3775bbebb1805a500da89620361e0277fc12cd28a383fe0095f5c2785cc2d00a
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 04a7e75989de9d9081a2460ab4690a80SHA-256: 46738acc2f00d391761a5e5b1d5453f4b98c5fc023787d145744d5f2b5d7e6b5
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 15c119eb97fa7598cd20077dbd3c960fSHA-256: 81101fc08088e003ba84e9b2ba09a0ec1df0e7b4d4d110d02f82847b74f36b76
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: d458b096c9e92bf627cadc66b05f4f3dSHA-256: b34d752f2b8ab3c110b6db6fb4c9381b6f5d998486754d5390f64f68d7b88104
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 773880b0a5e5eda619509147bb90041cSHA-256: 9f592df552b9bfd53662f018a0557f0c29db349c6fd4a9a498b545c8b4d6c88e
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 90128df73c8d89963394e2e7437d70f7SHA-256: cf836a36a5a94ba8ca333d898477f0d309f2edabad79821541d4c831364660c9
 
PPC:
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.ppc.rpm
    MD5: ce78527d83a892c760d917f749ee8d98SHA-256: 3a73ce72894024c07d803959396eefb6741c62d61df9e8ee43f733fb38160d9b
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.ppc64.rpm
    MD5: 11dc8dea45aaef6b1e2dbea26f23050eSHA-256: d728d8566584bbd1bf1a64b2d38ba8e1da861f561cab7ee2a41e2e5c0b30e6a1
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.ppc.rpm
    MD5: fcc6f5645da105ede7434766c42c2318SHA-256: 687c69343e7bb5a395b8fd9938ccba3ab15dfb25979e0feb360544831aef3642
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.ppc64.rpm
    MD5: 26efbb67794c58cdc8a748dfcf23ce90SHA-256: 7217baeccaf31318e2b2a242427397d5dcff74f51cb33e1ff60eae5b8fc2dd6e
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.ppc.rpm
    MD5: ff6bf7e68813587aff01d9810d749d56SHA-256: 4401514522daee760460e735ace0edf05c90b1086b63a6020540cb5be6d38d3c
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.ppc64.rpm
    MD5: ab9c0b7c0c3e27ba4ff8bf8f411d3759SHA-256: 5c50cf94b0d57395ff1128d92942d638c8a69e2057da9f4cdfc34110a09f3dc6
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.ppc.rpm
    MD5: 0e10173cbbb9e4b7c623ebe7bfc8c3beSHA-256: 5c1bbaa89cd3c51c91c47b4b937071bc9ab465401274b1f28ec81925321dd09f
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.ppc64.rpm
    MD5: f0fe3bae62b1cf5a27f632e572a0098eSHA-256: e523f872ce17fed9b166b5ad06a5426e5bf030285c713054851e9c78ef0f199b
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.ppc.rpm
    MD5: a33c64bbca023ed3038c92d23f3077b9SHA-256: b14d78cbecb65d59dab891ecdfa39ac7f7c3a435b2e9b838fb4038d825a4ad1a
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.ppc.rpm
    MD5: 70808e8b7d9123905ded58ffd85dad6bSHA-256: 82d52e09aa29e8e7227a8e4e4d3d5fe9558f4236710986c6d7a981a857f170d0
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.ppc64.rpm
    MD5: 3866906ec207a3f46b3f885c2e34a778SHA-256: c758be926d99f5db2647db4ef8d1e3c9dacb82fcd7ca12fab256d7e266d16969
 
s390x:
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.s390.rpm
    MD5: 33f764502a48b05e0ef453408521a5acSHA-256: 869359ac6ff42a350d7d171ff98f6e73e19dcdcb4c372abab09afae7905c5e98
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.s390x.rpm
    MD5: 0f80dff0249ade456ff59f4e2782a683SHA-256: 135ec105af849f374c31dcc4903412035ab902a8e6db4f8c610c92388da5afb1
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.s390.rpm
    MD5: 2567b14c2b8b88acb567541e79d48100SHA-256: e8566554a43fd3299fbec0bc56e5344891d0fc80986be25d391d3a07071aadbe
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.s390x.rpm
    MD5: d794fb3ddce9bc74c60754aa43f4ae3dSHA-256: 50ecc1c020b7d2719e7e9f334facf0549696f0ba44bc93b024364f967118cb04
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.s390.rpm
    MD5: 17db9e2ff93ff7abbfa769346c89e946SHA-256: 822d75d45ca75a51d732e29e0ff37efb5fb263a7915ba9157f5e3f450f473b2c
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.s390x.rpm
    MD5: b9821f1f363f6503029550113d573e12SHA-256: 4a5966170194de804a0a72e0e5f146a45a96c9ba6472dc743e64114c14f5f6c3
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.s390.rpm
    MD5: a2d4f39c51478422e2c95c16df573369SHA-256: ef1e05ae34c4234943e995ef5141f2891f207f59b3e0eeab6b0b36295d009e50
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.s390x.rpm
    MD5: 07b2814f7e227fe238b143e7e795c6b9SHA-256: e3670653290528eaa96307d55b76682effadefa7559a598e96750973894f0452
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.s390.rpm
    MD5: 69111cea869817ec38396896356997c3SHA-256: f8572be43afeb8934627f97727dc93c4e652aedb669431dd1faf61ede79a23bc
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.s390x.rpm
    MD5: a34fc893ef9016443ad22a2ce815c123SHA-256: a44d00a6ecbd94f8c34390b482f53159a4ac390f9f49d98c7c3c9c9371aa18bd
 
x86_64:
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 97caf37e08301fd300db9f466043e66cSHA-256: 3775bbebb1805a500da89620361e0277fc12cd28a383fe0095f5c2785cc2d00a
java-1.7.0-ibm-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: d14e39a17230e608fdc0b2aed1467b09SHA-256: fd49c9b763f60d8a85378342932584291ccb55b920443f89edff242be26ac71b
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 04a7e75989de9d9081a2460ab4690a80SHA-256: 46738acc2f00d391761a5e5b1d5453f4b98c5fc023787d145744d5f2b5d7e6b5
java-1.7.0-ibm-demo-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: e9c5978f719e278d9f1f10ce5e0f1309SHA-256: a66df5d05823a760fe02640fdcf46f49cb258d7d12c02fa492d5b8fab1236e43
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 15c119eb97fa7598cd20077dbd3c960fSHA-256: 81101fc08088e003ba84e9b2ba09a0ec1df0e7b4d4d110d02f82847b74f36b76
java-1.7.0-ibm-devel-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 931b8d76343a8296760b7a2719b92f41SHA-256: f4babb3c1ac660cf0fe1b9914f7a039681d548e0740b32ad7c1d1cb34ec20cd1
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: d458b096c9e92bf627cadc66b05f4f3dSHA-256: b34d752f2b8ab3c110b6db6fb4c9381b6f5d998486754d5390f64f68d7b88104
java-1.7.0-ibm-jdbc-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 436131e53a8c2891aae2cc54aef26b6fSHA-256: a858c939c5e99fb5b2219059b8686062beeb74af70f6e1fa12426205f3d22b66
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 773880b0a5e5eda619509147bb90041cSHA-256: 9f592df552b9bfd53662f018a0557f0c29db349c6fd4a9a498b545c8b4d6c88e
java-1.7.0-ibm-plugin-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 6ab4c3735c90f313468e6540db22f5e6SHA-256: 2940e7712561184803c158dd4bed39d5c129bec768304203705e0fa44aeb6273
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.i386.rpm
    MD5: 90128df73c8d89963394e2e7437d70f7SHA-256: cf836a36a5a94ba8ca333d898477f0d309f2edabad79821541d4c831364660c9
java-1.7.0-ibm-src-1.7.0.9.40-1jpp.1.el5.x86_64.rpm
    MD5: 0f797d3458a7b12b01e5113ad78ee386SHA-256: a63dc5731e936485bfdfe54a0cd1c37586f23ed73e4b987ca1a08f7445cc0190
 
(The unlinked packages above are only available from the Red Hat Network)
1324044 – CVE-2016-0363 IBM JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix1327743 – CVE-2016-0686 OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)1327749 – CVE-2016-0687 OpenJDK: insufficient byte type checks (Hotspot, 8132051)1328059 – CVE-2016-3426 OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)1328210 – CVE-2016-3427 OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)1328618 – CVE-2016-3443 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)1328619 – CVE-2016-3449 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)1328620 – CVE-2016-3422 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)1330986 – CVE-2016-0376 IBM JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix1331359 – CVE-2016-0264 IBM JDK: buffer overflow vulnerability in the IBM JVM

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from: