Oval Definition:	oval:com.redhat.rhsa:def:20080555
Revision Date: 2008-07-14 Version: 602 Title: RHSA-2008:0555: java-1.4.2-ibm security update (Critical) Description: IBM's 1.4.2 SR11 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1187) A buffer overflow flaw was found in Java Web Start (JWS). An untrusted application using the Java Network Launch Protocol (JNLP) could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1196) All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain IBM's 1.4.2 SR11 Java release which resolves these issues. Family: unix Class: patch Status: Reference(s): CVE-2008-1187 CVE-2008-1196 RHSA-2008:0555-01 Platform(s): Supplementary for Red Hat Enterprise Linux 5 Product(s): Definition Synopsis Red Hat Enterprise Linux 5 is installed AND Package Information java-1.4.2-ibm is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm is signed with Red Hat redhatrelease key OR java-1.4.2-ibm-demo is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm-demo is signed with Red Hat redhatrelease key OR java-1.4.2-ibm-devel is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm-devel is signed with Red Hat redhatrelease key OR java-1.4.2-ibm-javacomm is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm-javacomm is signed with Red Hat redhatrelease key OR java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm-jdbc is signed with Red Hat redhatrelease key OR java-1.4.2-ibm-plugin is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm-plugin is signed with Red Hat redhatrelease key OR java-1.4.2-ibm-src is earlier than 0:1.4.2.11-1jpp.2.el5 AND java-1.4.2-ibm-src is signed with Red Hat redhatrelease key
BACK