You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa IBM Java 6

Sigurnosni nedostaci programskog paketa IBM Java 6

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

SUSE Security Update: Security update for IBM Java 6
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0266-1
Rating: important
References: #862064
Cross-References: CVE-2013-5878 CVE-2013-5884 CVE-2013-5887
CVE-2013-5888 CVE-2013-5889 CVE-2013-5896
CVE-2013-5898 CVE-2013-5899 CVE-2013-5907
CVE-2013-5910 CVE-2014-0368 CVE-2014-0373
CVE-2014-0375 CVE-2014-0376 CVE-2014-0387
CVE-2014-0403 CVE-2014-0410 CVE-2014-0411
CVE-2014-0415 CVE-2014-0416 CVE-2014-0417
CVE-2014-0422 CVE-2014-0423 CVE-2014-0424
CVE-2014-0428
Affected Products:
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE CORE 9
______________________________________________________________________________

An update that fixes 25 vulnerabilities is now available.

Description:

IBM Java 6 was updated to version SR15-FP1 which received
security and bugfixes.

This release fixes the following problems:

* CVE-2014-0428, CVE-2014-0422, CVE-2013-5907,
CVE-2014-0415,
* CVE-2014-0410, CVE-2013-5889, CVE-2014-0417,
CVE-2014-0387,
* CVE-2014-0424, CVE-2013-5878, CVE-2014-0373,
CVE-2014-0375,
* CVE-2014-0403, CVE-2014-0423, CVE-2014-0376,
CVE-2013-5910,
* CVE-2013-5884, CVE-2013-5896, CVE-2014-0376,
CVE-2013-5899,
* CVE-2014-0416, CVE-2013-5887, CVE-2014-0368,
CVE-2013-5888,
* CVE-2013-5898, CVE-2014-0411

More information at:
http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja
nuary_14_2014_CPU
<http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J
anuary_14_2014_CPU>

Security Issue references:

* CVE-2014-0428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
>
* CVE-2014-0422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
>
* CVE-2013-5907
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
>
* CVE-2014-0417
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
>
* CVE-2014-0373
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
>
* CVE-2014-0423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2014-0416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
>
* CVE-2014-0368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
>
* CVE-2014-0411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
>
* CVE-2014-0428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
>
* CVE-2014-0422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
>
* CVE-2013-5907
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
>
* CVE-2014-0415
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
>
* CVE-2014-0410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
>
* CVE-2013-5889
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
>
* CVE-2014-0417
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
>
* CVE-2014-0387
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
>
* CVE-2014-0424
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
>
* CVE-2013-5878
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
>
* CVE-2014-0373
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
>
* CVE-2014-0375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
>
* CVE-2014-0403
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
>
* CVE-2014-0423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2013-5910
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
>
* CVE-2013-5884
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
>
* CVE-2013-5896
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2013-5899
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
>
* CVE-2014-0416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
>
* CVE-2013-5887
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
>
* CVE-2014-0368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
>
* CVE-2013-5888
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
>
* CVE-2013-5898
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
>
* CVE-2014-0411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
>

Package List:

– SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):

java-1_5_0-ibm-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-devel-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-fonts-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-1.6.0_sr15.1-0.5.1
java-1_6_0-ibm-devel-1.6.0_sr15.1-0.5.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.5.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.5.1

– SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):

java-1_5_0-ibm-32bit-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-devel-32bit-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-32bit-1.6.0_sr15.1-0.5.1
java-1_6_0-ibm-devel-32bit-1.6.0_sr15.1-0.5.1

– SUSE Linux Enterprise Server 10 SP3 LTSS (i586 x86_64):

java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.5.1

– SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64):

java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-alsa-32bit-1.6.0_sr15.1-0.5.1
java-1_6_0-ibm-plugin-32bit-1.6.0_sr15.1-0.5.1

– SUSE Linux Enterprise Server 10 SP3 LTSS (i586):

java-1_5_0-ibm-alsa-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-jdbc-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-plugin-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.5.1

– SUSE CORE 9 (i586 s390 s390x x86_64):

IBMJava5-JRE-1.5.0_sr16.5-0.4
IBMJava5-SDK-1.5.0_sr16.5-0.4

References:

http://support.novell.com/security/cve/CVE-2013-5878.html
http://support.novell.com/security/cve/CVE-2013-5884.html
http://support.novell.com/security/cve/CVE-2013-5887.html
http://support.novell.com/security/cve/CVE-2013-5888.html
http://support.novell.com/security/cve/CVE-2013-5889.html
http://support.novell.com/security/cve/CVE-2013-5896.html
http://support.novell.com/security/cve/CVE-2013-5898.html
http://support.novell.com/security/cve/CVE-2013-5899.html
http://support.novell.com/security/cve/CVE-2013-5907.html
http://support.novell.com/security/cve/CVE-2013-5910.html
http://support.novell.com/security/cve/CVE-2014-0368.html
http://support.novell.com/security/cve/CVE-2014-0373.html
http://support.novell.com/security/cve/CVE-2014-0375.html
http://support.novell.com/security/cve/CVE-2014-0376.html
http://support.novell.com/security/cve/CVE-2014-0387.html
http://support.novell.com/security/cve/CVE-2014-0403.html
http://support.novell.com/security/cve/CVE-2014-0410.html
http://support.novell.com/security/cve/CVE-2014-0411.html
http://support.novell.com/security/cve/CVE-2014-0415.html
http://support.novell.com/security/cve/CVE-2014-0416.html
http://support.novell.com/security/cve/CVE-2014-0417.html
http://support.novell.com/security/cve/CVE-2014-0422.html
http://support.novell.com/security/cve/CVE-2014-0423.html
http://support.novell.com/security/cve/CVE-2014-0424.html
http://support.novell.com/security/cve/CVE-2014-0428.html
https://bugzilla.novell.com/862064
http://download.novell.com/patch/finder/?keywords=5ac9507194ca11bcd295300c16017f4c
http://download.novell.com/patch/finder/?keywords=abb9b287dc1d7479726b01b15ea2eeb3
http://download.novell.com/patch/finder/?keywords=b4764fb7eed43ec4dce07d7be78e74c3


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

AutorMarko Stanec
Cert idNCERT-REF-2014-02-0027-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa libtar

Otkriven je sigurnosni nedostatak u programskom paketu libtar. Otkriveni nedostatak je posljedica neispravne provjere naziva datoteka, što potencijalnim napadačima omogućuje...

Close