Oval Definition:oval:com.redhat.rhsa:def:20100807
Revision Date:2010-10-27Version:602
Title:RHSA-2010:0807: java-1.5.0-ibm security update (Critical)
Description:The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

  • This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. (CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3556, CVE-2010-3559, CVE-2010-3562, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568, CVE-2010-3569, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574)

  • The RHSA-2010:0130 update mitigated a man-in-the-middle attack in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation by disabling renegotiation. This update implements the TLS Renegotiation Indication Extension as defined in RFC 5746, allowing secure renegotiation between updated clients and servers. (CVE-2009-3555)

    All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR12-FP2 Java release. All running instances of IBM Java must be restarted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-3555
    CVE-2010-1321
    CVE-2010-3541
    CVE-2010-3548
    CVE-2010-3549
    CVE-2010-3550
    CVE-2010-3551
    CVE-2010-3556
    CVE-2010-3559
    CVE-2010-3562
    CVE-2010-3565
    CVE-2010-3566
    CVE-2010-3568
    CVE-2010-3569
    CVE-2010-3572
    CVE-2010-3573
    CVE-2010-3574
    RHSA-2010:0807-01
    Platform(s):Supplementary for Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux 5 is installed
  • AND Package Information
  • java-1.5.0-ibm is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-accessibility is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-demo is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-demo is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-devel is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-devel is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-javacomm is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-jdbc is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-plugin is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-plugin is signed with Red Hat redhatrelease key
  • OR
  • java-1.5.0-ibm-src is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • AND java-1.5.0-ibm-src is signed with Red Hat redhatrelease key
    • BACK