What is the severity of RHSA-2015:1021?

The severity of RHSA-2015:1021 is classified as important due to vulnerabilities that could allow unauthorized access or manipulation of system resources.

How do I fix RHSA-2015:1021?

To fix RHSA-2015:1021, you must update the affected Java packages to the specified version 1.5.0-ibm-1.5.0.16.10-1jpp.1.el6_6 or later.

What products are affected by RHSA-2015:1021?

RHSA-2015:1021 affects multiple IBM Java Runtime Environment and IBM Java Software Development Kit packages, particularly versions 1.5.0-ibm.

Is there a workaround for RHSA-2015:1021?

While the best solution is to apply the recommended updates, temporary mitigation steps may involve restricting access to vulnerable services.

When was RHSA-2015:1021 released?

RHSA-2015:1021 was released as a security advisory by Red Hat on March 31, 2015.

Vulnerability/
RHSA-2015:1021

20/5/2015

RHSA-2015:1021: Important: java-1.5.0-ibm security update

First published: Wed May 20 2015(Updated: )

IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM JDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to in the References section, for additional details about this change. IBM Java SDK and JRE 5.0 will not receive software updates after September 2015. This date is referred to as the End of Service (EOS) date. Customers are advised to migrate to current versions of IBM Java at this time. IBM Java SDK and JRE versions 6 and 7 are available via the Red Hat Enterprise Linux 5 and 6 Supplementary content sets and will continue to receive updates based on IBM's lifecycle policy, linked to in the References section. Customers can also consider OpenJDK, an open source implementation of the Java SE specification. OpenJDK is available by default on supported hardware architectures. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR16-FP10 release. All running instances of IBM Java must be restarted for this update to take effect.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2015:1021?
The severity of RHSA-2015:1021 is classified as important due to vulnerabilities that could allow unauthorized access or manipulation of system resources.
How do I fix RHSA-2015:1021?
To fix RHSA-2015:1021, you must update the affected Java packages to the specified version 1.5.0-ibm-1.5.0.16.10-1jpp.1.el6_6 or later.
What products are affected by RHSA-2015:1021?
RHSA-2015:1021 affects multiple IBM Java Runtime Environment and IBM Java Software Development Kit packages, particularly versions 1.5.0-ibm.
Is there a workaround for RHSA-2015:1021?
While the best solution is to apply the recommended updates, temporary mitigation steps may involve restricting access to vulnerable services.
When was RHSA-2015:1021 released?
RHSA-2015:1021 was released as a security advisory by Red Hat on March 31, 2015.

agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2015:1021
agent/software-canonical-lookup
agent/title
agent/remedy
agent/references
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat