Articles / SuSE: New IBM Java packages…

SuSE: New IBM Java packages fix remote vulnerabilities

IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and security issues. Unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors. Updated packages are available from download.opensuse.org.

  SUSE Security Update: Security update for IBM Java
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0863-1
Rating:             important
References:         #707244 
Affected Products:
                   SUSE Linux Enterprise Teradata 10 SP3
                   SUSE Linux Enterprise Server 10 SP4
                   SUSE Linux Enterprise Server 10 SP3
                   SUSE Linux Enterprise Java 10 SP4
                   SUSE Linux Enterprise Java 10 SP3
                   SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

  An update that contains security fixes can now be installed.

Description:


  IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and
  security issues.

  Following security issues were fixed:

  *

  CVE-2011-0865: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, 5.0 Update 29 and earlier, and
  1.4.2_31 and earlier allows remote untrusted Java Web Start
  applications and untrusted Java applets to affect integrity
  via unknown vectors related to Deserialization.

  *

  CVE-2011-0866: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, 5.0 Update 29 and earlier, and
  1.4.2_31 and earlier, when running on Windows, allows
  remote untrusted Java Web Start applications and untrusted
  Java applets to affect confidentiality, integrity, and
  availability via unknown vectors related to Java Runtime
  Environment.

  *

  CVE-2011-0802: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, when running on Windows, allows
  remote untrusted Java Web Start applications and untrusted
  Java applets to affect confidentiality, integrity, and
  availability via unknown vectors related to Deployment, a
  different vulnerability than CVE-2011-0786.

  *

  CVE-2011-0814: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, 5.0 Update 29 and earlier, and
  1.4.2_31 and earlier allows remote attackers to affect
  confidentiality, integrity, and availability via unknown
  vectors related to Sound, a different vulnerability than
  CVE-2011-0802.

  *

  CVE-2011-0815: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, 5.0 Update 29 and earlier, and
  1.4.2_31 and earlier allows remote untrusted Java Web Start
  applications and untrusted Java applets to affect
  confidentiality, integrity, and availability via unknown
  vectors related to AWT.

  *

  CVE-2011-0862: Multiple unspecified vulnerabilities
  in the Java Runtime Environment (JRE) component in Oracle
  Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier,
  and 1.4.2_31 and earlier allow remote attackers to affect
  confidentiality, integrity, and availability via unknown
  vectors related to 2D.

  *

  CVE-2011-0867: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, 5.0 Update 29 and earlier, and
  1.4.2_31 and earlier allows remote untrusted Java Web Start
  applications and untrusted Java applets to affect
  confidentiality via unknown vectors related to Networking.

  *

  CVE-2011-0871: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, 5.0 Update 29 and earlier, and
  1.4.2_31 and earlier allows remote untrusted Java Web Start
  applications and untrusted Java applets to affect
  confidentiality, integrity, and availability via unknown
  vectors related to Swing.

  *

  CVE-2011-0872: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier allows remote attackers to affect
  availability via unknown vectors related to NIO.

  *

  CVE-2011-0873: Unspecified vulnerability in the Java
  Runtime Environment (JRE) component in Oracle Java SE 6
  Update 25 and earlier, and 5.0 Update 29 and earlier,
  allows remote attackers to affect confidentiality,
  integrity, and availability via unknown vectors related to
  2D.

Indications:

  Please install this update.


Package List:

  - SUSE Linux Enterprise Teradata 10 SP3 (x86_64):

     java-1_5_0-ibm-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-alsa-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-fonts-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64):

     java-1_5_0-ibm-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-fonts-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

     java-1_5_0-ibm-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-32bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 ppc):

     java-1_5_0-ibm-jdbc-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-plugin-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP4 (x86_64):

     java-1_5_0-ibm-alsa-32bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP4 (i586):

     java-1_5_0-ibm-alsa-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP4 (ppc):

     java-1_5_0-ibm-64bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP3 (i586 ppc s390x x86_64):

     java-1_5_0-ibm-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-fonts-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP3 (s390x x86_64):

     java-1_5_0-ibm-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-32bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP3 (i586 ppc):

     java-1_5_0-ibm-jdbc-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-plugin-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP3 (x86_64):

     java-1_5_0-ibm-alsa-32bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP3 (i586):

     java-1_5_0-ibm-alsa-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Server 10 SP3 (ppc):

     java-1_5_0-ibm-64bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Java 10 SP4 (i586 ppc s390x x86_64):

     java-1_5_0-ibm-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-fonts-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Java 10 SP4 (ppc):

     java-1_5_0-ibm-jdbc-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-plugin-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Java 10 SP3 (i586 ppc s390x):

     java-1_5_0-ibm-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-fonts-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Java 10 SP3 (ppc):

     java-1_5_0-ibm-jdbc-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-plugin-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

     java-1_5_0-ibm-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-demo-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-fonts-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-src-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

     java-1_5_0-ibm-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-alsa-32bit-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-devel-32bit-1.5.0_sr12.5-0.5.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586):

     java-1_5_0-ibm-alsa-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-jdbc-1.5.0_sr12.5-0.5.1
     java-1_5_0-ibm-plugin-1.5.0_sr12.5-0.5.1


References:

  https://bugzilla.novell.com/707244
  http://download.novell.com/patch/finder/?keywords=2937cbb354c6df7495e14d6572d00c23
  http://download.novell.com/patch/finder/?keywords=9f362d0065fd135e7f4ae300527396e5
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.