RHSA-2015:1020

Description

Red Hat Security Advisory: java-1.7.1-ibm security update

Affected Systems

• redhat•java-1.7.1-ibm

  < 1:1.7.1.3.0-1jpp.2.el6_6 | < 1:1.7.1.3.0-1jpp.2.el7_1

• redhat•java-1.7.1-ibm-demo

  < 1:1.7.1.3.0-1jpp.2.el6_6 | < 1:1.7.1.3.0-1jpp.2.el7_1

• redhat•java-1.7.1-ibm-devel

  < 1:1.7.1.3.0-1jpp.2.el6_6 | < 1:1.7.1.3.0-1jpp.2.el7_1

• redhat•java-1.7.1-ibm-jdbc

  < 1:1.7.1.3.0-1jpp.2.el6_6 | < 1:1.7.1.3.0-1jpp.2.el7_1

• redhat•java-1.7.1-ibm-plugin

  < 1:1.7.1.3.0-1jpp.2.el6_6 | < 1:1.7.1.3.0-1jpp.2.el7_1

• redhat•java-1.7.1-ibm-src

  < 1:1.7.1.3.0-1jpp.2.el6_6 | < 1:1.7.1.3.0-1jpp.2.el7_1

References (61)

• https://access.redhat.com/errata/RHSA-2015:1020
• https://access.redhat.com/security/updates/classification/#critical
• https://www.ibm.com/developerworks/java/jdk/alerts/
• https://bugzilla.redhat.com/show_bug.cgi?id=1207101#c4
• https://bugzilla.redhat.com/show_bug.cgi?id=606442
• https://bugzilla.redhat.com/show_bug.cgi?id=1207101
• https://bugzilla.redhat.com/show_bug.cgi?id=1210355
• https://bugzilla.redhat.com/show_bug.cgi?id=1210829
• https://bugzilla.redhat.com/show_bug.cgi?id=1211299
• https://bugzilla.redhat.com/show_bug.cgi?id=1211504
• https://bugzilla.redhat.com/show_bug.cgi?id=1211543
• https://bugzilla.redhat.com/show_bug.cgi?id=1211768
• https://bugzilla.redhat.com/show_bug.cgi?id=1211769
• https://bugzilla.redhat.com/show_bug.cgi?id=1211771
• https://bugzilla.redhat.com/show_bug.cgi?id=1219212
• https://bugzilla.redhat.com/show_bug.cgi?id=1219215
• https://bugzilla.redhat.com/show_bug.cgi?id=1219223
• https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1020.json
• https://access.redhat.com/security/cve/CVE-2005-1080
• https://www.cve.org/CVERecord?id=CVE-2005-1080
• https://nvd.nist.gov/vuln/detail/CVE-2005-1080
• https://access.redhat.com/security/cve/CVE-2015-0138
• https://www.cve.org/CVERecord?id=CVE-2015-0138
• https://nvd.nist.gov/vuln/detail/CVE-2015-0138
• https://access.redhat.com/security/cve/CVE-2015-0192
• https://www.cve.org/CVERecord?id=CVE-2015-0192
• https://nvd.nist.gov/vuln/detail/CVE-2015-0192
• https://access.redhat.com/security/cve/CVE-2015-0458
• https://www.cve.org/CVERecord?id=CVE-2015-0458
• https://nvd.nist.gov/vuln/detail/CVE-2015-0458
• http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA
• https://access.redhat.com/security/cve/CVE-2015-0459
• https://www.cve.org/CVERecord?id=CVE-2015-0459
• https://nvd.nist.gov/vuln/detail/CVE-2015-0459
• https://access.redhat.com/security/cve/CVE-2015-0469
• https://www.cve.org/CVERecord?id=CVE-2015-0469
• https://nvd.nist.gov/vuln/detail/CVE-2015-0469
• https://access.redhat.com/security/cve/CVE-2015-0477
• https://www.cve.org/CVERecord?id=CVE-2015-0477
• https://nvd.nist.gov/vuln/detail/CVE-2015-0477
• https://access.redhat.com/security/cve/CVE-2015-0478
• https://www.cve.org/CVERecord?id=CVE-2015-0478
• https://nvd.nist.gov/vuln/detail/CVE-2015-0478
• https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
• https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
• https://access.redhat.com/security/cve/CVE-2015-0480
• https://www.cve.org/CVERecord?id=CVE-2015-0480
• https://nvd.nist.gov/vuln/detail/CVE-2015-0480
• https://access.redhat.com/security/cve/CVE-2015-0488
• https://www.cve.org/CVERecord?id=CVE-2015-0488
• https://nvd.nist.gov/vuln/detail/CVE-2015-0488
• https://access.redhat.com/security/cve/CVE-2015-0491
• https://www.cve.org/CVERecord?id=CVE-2015-0491
• https://nvd.nist.gov/vuln/detail/CVE-2015-0491
• https://access.redhat.com/security/cve/CVE-2015-1914
• https://www.cve.org/CVERecord?id=CVE-2015-1914
• https://nvd.nist.gov/vuln/detail/CVE-2015-1914
• https://access.redhat.com/security/cve/CVE-2015-2808
• https://www.cve.org/CVERecord?id=CVE-2015-2808
• https://nvd.nist.gov/vuln/detail/CVE-2015-2808
• http://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf