Oval Definition:oval:com.redhat.rhsa:def:20141880
Revision Date:2014-11-20Version:601
Title:RHSA-2014:1880: java-1.7.1-ibm security update (Critical)
Description:IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

  • This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558)

    The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security.

    Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed.

    All users of java-1.7.1-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7R1 SR2 release. All running instances of IBM Java must be restarted for the update to take effect.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2014-3065
    CVE-2014-3566
    CVE-2014-4288
    CVE-2014-6456
    CVE-2014-6457
    CVE-2014-6458
    CVE-2014-6476
    CVE-2014-6492
    CVE-2014-6493
    CVE-2014-6502
    CVE-2014-6503
    CVE-2014-6506
    CVE-2014-6511
    CVE-2014-6512
    CVE-2014-6515
    CVE-2014-6527
    CVE-2014-6531
    CVE-2014-6532
    CVE-2014-6558
    RHSA-2014:1880-00
    Platform(s):Supplementary for Red Hat Enterprise Linux 6
    Product(s):
    Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • AND Package Information
  • java-1.7.1-ibm is earlier than 1:1.7.1.2.0-1jpp.3.el6_6
  • AND java-1.7.1-ibm is signed with Red Hat redhatrelease2 key
  • OR
  • java-1.7.1-ibm-demo is earlier than 1:1.7.1.2.0-1jpp.3.el6_6
  • AND java-1.7.1-ibm-demo is signed with Red Hat redhatrelease2 key
  • OR
  • java-1.7.1-ibm-devel is earlier than 1:1.7.1.2.0-1jpp.3.el6_6
  • AND java-1.7.1-ibm-devel is signed with Red Hat redhatrelease2 key
  • OR
  • java-1.7.1-ibm-jdbc is earlier than 1:1.7.1.2.0-1jpp.3.el6_6
  • AND java-1.7.1-ibm-jdbc is signed with Red Hat redhatrelease2 key
  • OR
  • java-1.7.1-ibm-plugin is earlier than 1:1.7.1.2.0-1jpp.3.el6_6
  • AND java-1.7.1-ibm-plugin is signed with Red Hat redhatrelease2 key
  • OR
  • java-1.7.1-ibm-src is earlier than 1:1.7.1.2.0-1jpp.3.el6_6
  • AND java-1.7.1-ibm-src is signed with Red Hat redhatrelease2 key
  • BACK