rhsa-2014_0982
Vulnerability from csaf_redhat
Published
2014-07-29 15:40
Modified
2024-12-01 11:59
Summary
Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update
Notes
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Network Satellite Server 5.4, 5.5, and 5.6.
The Red Hat Security Response Team has rated this update as having Low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
This update corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.4, 5.5, and 5.6. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets.
Several flaws were fixed in the IBM Java 2 Runtime Environment.
(CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888, CVE-2013-5889,
CVE-2013-5896, CVE-2013-5898, CVE-2013-5899, CVE-2013-5907, CVE-2013-5910,
CVE-2013-6629, CVE-2013-6954, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375,
CVE-2014-0376, CVE-2014-0387, CVE-2014-0403, CVE-2014-0410, CVE-2014-0411,
CVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0422, CVE-2014-0423,
CVE-2014-0424, CVE-2014-0428, CVE-2014-0429, CVE-2014-0446, CVE-2014-0449,
CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0457, CVE-2014-0458,
CVE-2014-0460, CVE-2014-0461, CVE-2014-0878, CVE-2014-1876, CVE-2014-2398,
CVE-2014-2401, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,
CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)
Users of Red Hat Network Satellite Server 5.4, 5.5, and 5.6 are advised to
upgrade to these updated packages, which contain the IBM Java SE 6 SR16
release. For this update to take effect, Red Hat Network Satellite Server
must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all
running instances of IBM Java.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.4, 5.5, and 5.6.\n\nThe Red Hat Security Response Team has rated this update as having Low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This update corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.4, 5.5, and 5.6. In a typical operating environment, these are of low\nsecurity risk as the runtime is not used on untrusted applets.\n\nSeveral flaws were fixed in the IBM Java 2 Runtime Environment.\n(CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888, CVE-2013-5889,\nCVE-2013-5896, CVE-2013-5898, CVE-2013-5899, CVE-2013-5907, CVE-2013-5910,\nCVE-2013-6629, CVE-2013-6954, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375,\nCVE-2014-0376, CVE-2014-0387, CVE-2014-0403, CVE-2014-0410, CVE-2014-0411,\nCVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0422, CVE-2014-0423,\nCVE-2014-0424, CVE-2014-0428, CVE-2014-0429, CVE-2014-0446, CVE-2014-0449,\nCVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0457, CVE-2014-0458,\nCVE-2014-0460, CVE-2014-0461, CVE-2014-0878, CVE-2014-1876, CVE-2014-2398,\nCVE-2014-2401, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,\nCVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)\n\nUsers of Red Hat Network Satellite Server 5.4, 5.5, and 5.6 are advised to\nupgrade to these updated packages, which contain the IBM Java SE 6 SR16\nrelease. For this update to take effect, Red Hat Network Satellite Server\nmust be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all\nrunning instances of IBM Java.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0982",
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://www.ibm.com/developerworks/java/jdk/alerts/",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"category": "external",
"summary": "1031734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031734"
},
{
"category": "external",
"summary": "1045561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561"
},
{
"category": "external",
"summary": "1051519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519"
},
{
"category": "external",
"summary": "1051528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528"
},
{
"category": "external",
"summary": "1051699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699"
},
{
"category": "external",
"summary": "1051823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823"
},
{
"category": "external",
"summary": "1051911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911"
},
{
"category": "external",
"summary": "1051912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912"
},
{
"category": "external",
"summary": "1051923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923"
},
{
"category": "external",
"summary": "1052915",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"category": "external",
"summary": "1052919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919"
},
{
"category": "external",
"summary": "1052942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942"
},
{
"category": "external",
"summary": "1053010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"category": "external",
"summary": "1053066",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"category": "external",
"summary": "1053266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266"
},
{
"category": "external",
"summary": "1053495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053495"
},
{
"category": "external",
"summary": "1053496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053496"
},
{
"category": "external",
"summary": "1053499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053499"
},
{
"category": "external",
"summary": "1053501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053501"
},
{
"category": "external",
"summary": "1053502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053502"
},
{
"category": "external",
"summary": "1053504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053504"
},
{
"category": "external",
"summary": "1053507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053507"
},
{
"category": "external",
"summary": "1053508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053508"
},
{
"category": "external",
"summary": "1053515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053515"
},
{
"category": "external",
"summary": "1053516",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053516"
},
{
"category": "external",
"summary": "1053517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053517"
},
{
"category": "external",
"summary": "1053518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053518"
},
{
"category": "external",
"summary": "1060907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060907"
},
{
"category": "external",
"summary": "1086632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086632"
},
{
"category": "external",
"summary": "1086645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086645"
},
{
"category": "external",
"summary": "1087409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087409"
},
{
"category": "external",
"summary": "1087411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087411"
},
{
"category": "external",
"summary": "1087417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087417"
},
{
"category": "external",
"summary": "1087426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087426"
},
{
"category": "external",
"summary": "1087427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087427"
},
{
"category": "external",
"summary": "1087428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087428"
},
{
"category": "external",
"summary": "1087430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087430"
},
{
"category": "external",
"summary": "1087431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087431"
},
{
"category": "external",
"summary": "1087434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087434"
},
{
"category": "external",
"summary": "1087436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087436"
},
{
"category": "external",
"summary": "1087439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087439"
},
{
"category": "external",
"summary": "1087441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087441"
},
{
"category": "external",
"summary": "1087442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087442"
},
{
"category": "external",
"summary": "1088025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088025"
},
{
"category": "external",
"summary": "1088027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088027"
},
{
"category": "external",
"summary": "1088028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088028"
},
{
"category": "external",
"summary": "1088030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088030"
},
{
"category": "external",
"summary": "1088031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088031"
},
{
"category": "external",
"summary": "1097345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097345"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0982.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update",
"tracking": {
"current_release_date": "2024-12-01T11:59:15+00:00",
"generator": {
"date": "2024-12-01T11:59:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2014:0982",
"initial_release_date": "2014-07-29T15:40:11+00:00",
"revision_history": [
{
"date": "2014-07-29T15:40:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-07-29T15:40:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-01T11:59:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.4 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.4::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.5 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.5::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.4 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.4::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.5 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.5::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el6?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el6?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el5?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-5878",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051823"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: null xmlns handling issue (Security, 8025026)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5878"
},
{
"category": "external",
"summary": "RHBZ#1051823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5878"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: null xmlns handling issue (Security, 8025026)"
},
{
"cve": "CVE-2013-5884",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051911"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5884"
},
{
"category": "external",
"summary": "RHBZ#1051911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5884",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)"
},
{
"cve": "CVE-2013-5887",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053515"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5887"
},
{
"category": "external",
"summary": "RHBZ#1053515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053515"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5887",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5887"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2013-5888",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053517"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5888"
},
{
"category": "external",
"summary": "RHBZ#1053517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5888",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5888"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2013-5889",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053499"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5889"
},
{
"category": "external",
"summary": "RHBZ#1053499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5889"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2013-5896",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053266"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5896"
},
{
"category": "external",
"summary": "RHBZ#1053266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5896",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
},
{
"category": "workaround",
"details": "Applications running with a security manager that make direct use of classes\nin these JDK internal packages, need to adjust their security policy to\ngrant access. See Java Security Policy Files documentation.",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)"
},
{
"cve": "CVE-2013-5898",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053518"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5898"
},
{
"category": "external",
"summary": "RHBZ#1053518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053518"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5898",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5898"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2013-5899",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053516"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5899"
},
{
"category": "external",
"summary": "RHBZ#1053516",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053516"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5899",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5899"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5899",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5899"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2013-5907",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1052915"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5907"
},
{
"category": "external",
"summary": "RHBZ#1052915",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5907",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)"
},
{
"cve": "CVE-2013-5910",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1052942"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5910"
},
{
"category": "external",
"summary": "RHBZ#1052942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5910",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5910"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)"
},
{
"cve": "CVE-2013-6629",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2013-11-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1031734"
}
],
"notes": [
{
"category": "description",
"text": "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libjpeg: information leak (read of uninitialized memory)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6629"
},
{
"category": "external",
"summary": "RHBZ#1031734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6629",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6629"
}
],
"release_date": "2013-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libjpeg: information leak (read of uninitialized memory)"
},
{
"cve": "CVE-2013-6954",
"discovery_date": "2013-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1045561"
}
],
"notes": [
{
"category": "description",
"text": "The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: unhandled zero-length PLTE chunk or NULL palette",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Not Vulnerable. This issue does not affect the version of libpng as shipped with Red Hat Enterprise Linux 5 and 6.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6954"
},
{
"category": "external",
"summary": "RHBZ#1045561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6954",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6954"
}
],
"release_date": "2013-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libpng: unhandled zero-length PLTE chunk or NULL palette"
},
{
"cve": "CVE-2014-0368",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1052919"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0368"
},
{
"category": "external",
"summary": "RHBZ#1052919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0368",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0368"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)"
},
{
"cve": "CVE-2014-0373",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051699"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0373"
},
{
"category": "external",
"summary": "RHBZ#1051699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0373",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0373"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)"
},
{
"cve": "CVE-2014-0375",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053508"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0375"
},
{
"category": "external",
"summary": "RHBZ#1053508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0375",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0375"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2014-0376",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051923"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0376"
},
{
"category": "external",
"summary": "RHBZ#1051923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0376",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0376"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)"
},
{
"cve": "CVE-2014-0387",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053502"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0387"
},
{
"category": "external",
"summary": "RHBZ#1053502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0387",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0387"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0387",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0387"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2014-0403",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053507"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0375.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0403"
},
{
"category": "external",
"summary": "RHBZ#1053507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0403",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0403"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2014-0410",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053495"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0410"
},
{
"category": "external",
"summary": "RHBZ#1053495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0410",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0410"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2014-0411",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053010"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0411"
},
{
"category": "external",
"summary": "RHBZ#1053010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0411",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0411"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)"
},
{
"cve": "CVE-2014-0415",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053496"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0415"
},
{
"category": "external",
"summary": "RHBZ#1053496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0415",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0415"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2014-0416",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051912"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0416"
},
{
"category": "external",
"summary": "RHBZ#1051912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0416",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)"
},
{
"cve": "CVE-2014-0417",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053501"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0417"
},
{
"category": "external",
"summary": "RHBZ#1053501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0417",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0417"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)"
},
{
"cve": "CVE-2014-0422",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051528"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0422"
},
{
"category": "external",
"summary": "RHBZ#1051528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0422",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)"
},
{
"cve": "CVE-2014-0423",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053066"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: XXE issue in decoder (Beans, 8023245)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0423"
},
{
"category": "external",
"summary": "RHBZ#1053066",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0423"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: XXE issue in decoder (Beans, 8023245)"
},
{
"cve": "CVE-2014-0424",
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053504"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0418.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0424"
},
{
"category": "external",
"summary": "RHBZ#1053504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053504"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0424",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0424"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)"
},
{
"cve": "CVE-2014-0428",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051519"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to \"insufficient security checks in IIOP streams,\" which allows attackers to escape the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0428"
},
{
"category": "external",
"summary": "RHBZ#1051519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0428",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)"
},
{
"cve": "CVE-2014-0429",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087409"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0429"
},
{
"category": "external",
"summary": "RHBZ#1087409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087409"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0429",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0429"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)"
},
{
"cve": "CVE-2014-0446",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087439"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Protect logger handlers (Libraries, 8029740)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0446"
},
{
"category": "external",
"summary": "RHBZ#1087439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0446"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0446",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0446"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: Protect logger handlers (Libraries, 8029740)"
},
{
"cve": "CVE-2014-0449",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1088028"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0449"
},
{
"category": "external",
"summary": "RHBZ#1088028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0449",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0449"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0449",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0449"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)"
},
{
"cve": "CVE-2014-0451",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087428"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0451"
},
{
"category": "external",
"summary": "RHBZ#1087428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0451"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0451",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0451"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)"
},
{
"cve": "CVE-2014-0452",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0452"
},
{
"category": "external",
"summary": "RHBZ#1087436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0452",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0452"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)"
},
{
"cve": "CVE-2014-0453",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1086645"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: RSA unpadding timing issues (Security, 8027766)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0453"
},
{
"category": "external",
"summary": "RHBZ#1086645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0453",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0453"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: RSA unpadding timing issues (Security, 8027766)"
},
{
"cve": "CVE-2014-0457",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087411"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0457"
},
{
"category": "external",
"summary": "RHBZ#1087411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087411"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0457",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0457"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)"
},
{
"cve": "CVE-2014-0458",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087430"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0458"
},
{
"category": "external",
"summary": "RHBZ#1087430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0458"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)"
},
{
"cve": "CVE-2014-0460",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087442"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0460"
},
{
"category": "external",
"summary": "RHBZ#1087442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0460",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0460"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)"
},
{
"cve": "CVE-2014-0461",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087426"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0461"
},
{
"category": "external",
"summary": "RHBZ#1087426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0461"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)"
},
{
"cve": "CVE-2014-0878",
"discovery_date": "2014-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1097345"
}
],
"notes": [
{
"category": "description",
"text": "The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator\u0027s output.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0878"
},
{
"category": "external",
"summary": "RHBZ#1097345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0878",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0878"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0878",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0878"
}
],
"release_date": "2014-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers"
},
{
"cve": "CVE-2014-1876",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2014-02-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060907"
}
],
"notes": [
{
"category": "description",
"text": "The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1876"
},
{
"category": "external",
"summary": "RHBZ#1060907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1876",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1876"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1876",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1876"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2014-2398",
"discovery_date": "2013-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1086632"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2398"
},
{
"category": "external",
"summary": "RHBZ#1086632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2398"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)"
},
{
"cve": "CVE-2014-2401",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1088030"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2401"
},
{
"category": "external",
"summary": "RHBZ#1088030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2401",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2401"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D)"
},
{
"cve": "CVE-2014-2409",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1088027"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2409"
},
{
"category": "external",
"summary": "RHBZ#1088027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088027"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2409",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2409"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)"
},
{
"cve": "CVE-2014-2412",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087427"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: AWT thread context handling (AWT, 8025010)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2412"
},
{
"category": "external",
"summary": "RHBZ#1087427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2412"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2412",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2412"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: AWT thread context handling (AWT, 8025010)"
},
{
"cve": "CVE-2014-2414",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087431"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2414"
},
{
"category": "external",
"summary": "RHBZ#1087431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2414"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)"
},
{
"cve": "CVE-2014-2420",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1088031"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2420"
},
{
"category": "external",
"summary": "RHBZ#1088031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088031"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2420",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2420"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)"
},
{
"cve": "CVE-2014-2421",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087417"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: JPEG decoder input stream handling (2D, 8029854)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2421"
},
{
"category": "external",
"summary": "RHBZ#1087417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087417"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2421",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2421"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: JPEG decoder input stream handling (2D, 8029854)"
},
{
"cve": "CVE-2014-2423",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087434"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2423"
},
{
"category": "external",
"summary": "RHBZ#1087434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2423",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2423"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2423",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2423"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)"
},
{
"cve": "CVE-2014-2427",
"discovery_date": "2014-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1087441"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2427"
},
{
"category": "external",
"summary": "RHBZ#1087441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087441"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2427"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)"
},
{
"cve": "CVE-2014-2428",
"discovery_date": "2014-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1088025"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-2428"
},
{
"category": "external",
"summary": "RHBZ#1088025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2428"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA"
}
],
"release_date": "2014-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-29T15:40:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0982"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…