SUSE Security Update: Security update for IBM Java 7
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0733-1
Rating: important
References: #877429
Cross-References: CVE-2013-6629 CVE-2013-6954 CVE-2014-0428
CVE-2014-0429 CVE-2014-0446 CVE-2014-0448
CVE-2014-0449 CVE-2014-0451 CVE-2014-0452
CVE-2014-0453 CVE-2014-0454 CVE-2014-0455
CVE-2014-0457 CVE-2014-0458 CVE-2014-0459
CVE-2014-0460 CVE-2014-0461 CVE-2014-0878
CVE-2014-1876 CVE-2014-2398 CVE-2014-2401
CVE-2014-2402 CVE-2014-2409 CVE-2014-2412
CVE-2014-2414 CVE-2014-2420 CVE-2014-2421
CVE-2014-2423 CVE-2014-2427 CVE-2014-2428

Affected Products:
SUSE Linux Enterprise Server 11 SP2 LTSS
______________________________________________________________________________

An update that fixes 30 vulnerabilities is now available.

Description:

IBM Java 7 was updated to version SR7, which received security and bug
fixes.

More information is available at:
http://www.ibm.com/developerworks/java/jdk/aix/j764/Java7_64.fixes.html#SR7
<http://www.ibm.com/developerworks/java/jdk/aix/j764/Java7_64.fixes.html#SR
7>

Security Issues references:

* CVE-2013-6629
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629>
* CVE-2013-6954
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954>
* CVE-2014-0429
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429>
* CVE-2014-0446
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446>
* CVE-2014-0448
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448>
* CVE-2014-0449
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449>
* CVE-2014-0451
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451>
* CVE-2014-0452
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452>
* CVE-2014-0457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457>
* CVE-2014-0458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458>
* CVE-2014-0459
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459>
* CVE-2014-0460
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460>
* CVE-2014-0461
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461>
* CVE-2014-1876
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876>
* CVE-2014-2398
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398>
* CVE-2014-2401
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401>
* CVE-2014-2402
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402>
* CVE-2014-2409
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409>
* CVE-2014-2412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412>
* CVE-2014-2414
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414>
* CVE-2014-2420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420>
* CVE-2014-2421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421>
* CVE-2014-2423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423>
* CVE-2014-2427
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427>
* CVE-2014-2428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428>
* CVE-2014-0455
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455>
* CVE-2014-0428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428>
* CVE-2014-0453
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453>
* CVE-2014-0454
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454>
* CVE-2014-0878
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0878>

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server 11 SP2 LTSS:

zypper in -t patch slessp2-java-1_7_0-ibm-9275

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64):

java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
java-1_7_0-ibm-devel-1.7.0_sr7.0-0.5.1
java-1_7_0-ibm-jdbc-1.7.0_sr7.0-0.5.1

– SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64):

java-1_7_0-ibm-alsa-1.7.0_sr7.0-0.5.1
java-1_7_0-ibm-plugin-1.7.0_sr7.0-0.5.1

References:

http://support.novell.com/security/cve/CVE-2013-6629.html
http://support.novell.com/security/cve/CVE-2013-6954.html
http://support.novell.com/security/cve/CVE-2014-0428.html
http://support.novell.com/security/cve/CVE-2014-0429.html
http://support.novell.com/security/cve/CVE-2014-0446.html
http://support.novell.com/security/cve/CVE-2014-0448.html
http://support.novell.com/security/cve/CVE-2014-0449.html
http://support.novell.com/security/cve/CVE-2014-0451.html
http://support.novell.com/security/cve/CVE-2014-0452.html
http://support.novell.com/security/cve/CVE-2014-0453.html
http://support.novell.com/security/cve/CVE-2014-0454.html
http://support.novell.com/security/cve/CVE-2014-0455.html
http://support.novell.com/security/cve/CVE-2014-0457.html
http://support.novell.com/security/cve/CVE-2014-0458.html
http://support.novell.com/security/cve/CVE-2014-0459.html
http://support.novell.com/security/cve/CVE-2014-0460.html
http://support.novell.com/security/cve/CVE-2014-0461.html
http://support.novell.com/security/cve/CVE-2014-0878.html
http://support.novell.com/security/cve/CVE-2014-1876.html
http://support.novell.com/security/cve/CVE-2014-2398.html
http://support.novell.com/security/cve/CVE-2014-2401.html
http://support.novell.com/security/cve/CVE-2014-2402.html
http://support.novell.com/security/cve/CVE-2014-2409.html
http://support.novell.com/security/cve/CVE-2014-2412.html
http://support.novell.com/security/cve/CVE-2014-2414.html
http://support.novell.com/security/cve/CVE-2014-2420.html
http://support.novell.com/security/cve/CVE-2014-2421.html
http://support.novell.com/security/cve/CVE-2014-2423.html
http://support.novell.com/security/cve/CVE-2014-2427.html
http://support.novell.com/security/cve/CVE-2014-2428.html
https://bugzilla.novell.com/877429
http://download.suse.com/patch/finder/?keywords=b4c561518a2b8e396c17cfe8ee6dd5bf

—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
7e