You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa IBM Java 6

Sigurnosni nedostaci programskog paketa IBM Java 6

SUSE Security Update: Security update for IBM Java 6
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0266-3
Rating: important
References: #862064
Cross-References: CVE-2013-5878 CVE-2013-5884 CVE-2013-5887
CVE-2013-5888 CVE-2013-5889 CVE-2013-5896
CVE-2013-5898 CVE-2013-5899 CVE-2013-5907
CVE-2013-5910 CVE-2014-0368 CVE-2014-0373
CVE-2014-0375 CVE-2014-0376 CVE-2014-0387
CVE-2014-0403 CVE-2014-0410 CVE-2014-0411
CVE-2014-0415 CVE-2014-0416 CVE-2014-0417
CVE-2014-0422 CVE-2014-0423 CVE-2014-0424
CVE-2014-0428
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 10 SP4 LTSS
SUSE Linux Enterprise Java 11 SP3
______________________________________________________________________________

An update that fixes 25 vulnerabilities is now available.

Description:

IBM Java 6 was updated to version SR15-FP1 which received
security and bug fixes.

More information at:
http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja
nuary_14_2014_CPU
<http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J
anuary_14_2014_CPU>

Security Issue references:

* CVE-2014-0428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
>
* CVE-2014-0422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
>
* CVE-2013-5907
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
>
* CVE-2014-0417
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
>
* CVE-2014-0373
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
>
* CVE-2014-0423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2014-0416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
>
* CVE-2014-0368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
>
* CVE-2014-0411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
>
* CVE-2014-0428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
>
* CVE-2014-0422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
>
* CVE-2013-5907
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
>
* CVE-2014-0415
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
>
* CVE-2014-0410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
>
* CVE-2013-5889
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
>
* CVE-2014-0417
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
>
* CVE-2014-0387
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
>
* CVE-2014-0424
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
>
* CVE-2013-5878
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
>
* CVE-2014-0373
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
>
* CVE-2014-0375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
>
* CVE-2014-0403
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
>
* CVE-2014-0423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2013-5910
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
>
* CVE-2013-5884
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
>
* CVE-2013-5896
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
>
* CVE-2014-0376
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
>
* CVE-2013-5899
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
>
* CVE-2014-0416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
>
* CVE-2013-5887
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
>
* CVE-2014-0368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
>
* CVE-2013-5888
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
>
* CVE-2013-5898
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
>
* CVE-2014-0411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
>

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 11 SP3:

zypper in -t patch sdksp3-java-1_6_0-ibm-8896

– SUSE Linux Enterprise Server 11 SP3 for VMware:

zypper in -t patch slessp3-java-1_6_0-ibm-8896

– SUSE Linux Enterprise Server 11 SP3:

zypper in -t patch slessp3-java-1_6_0-ibm-8896

– SUSE Linux Enterprise Server 11 SP1 LTSS:

zypper in -t patch slessp1-java-1_6_0-ibm-8901

– SUSE Linux Enterprise Java 11 SP3:

zypper in -t patch slejsp3-java-1_6_0-ibm-8896

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64):

java-1_6_0-ibm-devel-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64):

java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):

java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP3 for VMware (i586):

java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64):

java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP3 (i586 x86_64):

java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP3 (i586):

java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64):

java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64):

java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 11 SP1 LTSS (i586):

java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):

java-1_5_0-ibm-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-devel-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-fonts-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-1.6.0_sr15.1-0.15.1
java-1_6_0-ibm-devel-1.6.0_sr15.1-0.15.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.15.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.15.1

– SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):

java-1_5_0-ibm-32bit-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-devel-32bit-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-32bit-1.6.0_sr15.1-0.15.1
java-1_6_0-ibm-devel-32bit-1.6.0_sr15.1-0.15.1

– SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64):

java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.15.1

– SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64):

java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-alsa-32bit-1.6.0_sr15.1-0.15.1
java-1_6_0-ibm-plugin-32bit-1.6.0_sr15.1-0.15.1

– SUSE Linux Enterprise Server 10 SP4 LTSS (i586):

java-1_5_0-ibm-alsa-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-jdbc-1.5.0_sr16.5-0.6.1
java-1_5_0-ibm-plugin-1.5.0_sr16.5-0.6.1
java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.15.1

– SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64):

java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-devel-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Java 11 SP3 (i586 x86_64):

java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

– SUSE Linux Enterprise Java 11 SP3 (i586):

java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

References:

http://support.novell.com/security/cve/CVE-2013-5878.html
http://support.novell.com/security/cve/CVE-2013-5884.html
http://support.novell.com/security/cve/CVE-2013-5887.html
http://support.novell.com/security/cve/CVE-2013-5888.html
http://support.novell.com/security/cve/CVE-2013-5889.html
http://support.novell.com/security/cve/CVE-2013-5896.html
http://support.novell.com/security/cve/CVE-2013-5898.html
http://support.novell.com/security/cve/CVE-2013-5899.html
http://support.novell.com/security/cve/CVE-2013-5907.html
http://support.novell.com/security/cve/CVE-2013-5910.html
http://support.novell.com/security/cve/CVE-2014-0368.html
http://support.novell.com/security/cve/CVE-2014-0373.html
http://support.novell.com/security/cve/CVE-2014-0375.html
http://support.novell.com/security/cve/CVE-2014-0376.html
http://support.novell.com/security/cve/CVE-2014-0387.html
http://support.novell.com/security/cve/CVE-2014-0403.html
http://support.novell.com/security/cve/CVE-2014-0410.html
http://support.novell.com/security/cve/CVE-2014-0411.html
http://support.novell.com/security/cve/CVE-2014-0415.html
http://support.novell.com/security/cve/CVE-2014-0416.html
http://support.novell.com/security/cve/CVE-2014-0417.html
http://support.novell.com/security/cve/CVE-2014-0422.html
http://support.novell.com/security/cve/CVE-2014-0423.html
http://support.novell.com/security/cve/CVE-2014-0424.html
http://support.novell.com/security/cve/CVE-2014-0428.html
https://bugzilla.novell.com/862064
http://download.novell.com/patch/finder/?keywords=31bff4adf7f4091ce92bf4450ff8b1f3
http://download.novell.com/patch/finder/?keywords=49593e2ab0f92f334869c11ea4658f10
http://download.novell.com/patch/finder/?keywords=80342541418cc3f0cde43530feba3e08
http://download.novell.com/patch/finder/?keywords=bc9c0f6c8b696630ae6e85a990a72405


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni propust programskog paketa openstack-nova

Otkriven je sigurnosni propust u programskom paketu openstack-nova za operacijski sustav Fedora. Otkriveni propust potencijalnim napadačima omogućuje čitanje i izmjenu...

Close