- Vulnerability/
- RHSA-2015:1485
RHSA-2015:1485: Critical: java-1.7.1-ibm security update
First published: Wed Jul 22 2015(Updated: )
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment<br>and the IBM Java Software Development Kit.<br>This update fixes several vulnerabilities in the IBM Java Runtime<br>Environment and the IBM Java Software Development Kit. Further information<br>about these flaws can be found on the IBM Java Security alerts page, listed<br>in the References section. (CVE-2015-1931, CVE-2015-2590, CVE-2015-2601,<br>CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2632,<br>CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-4000, CVE-2015-4729,<br>CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748,<br>CVE-2015-4749, CVE-2015-4760)<br>Note: This update forces the TLS/SSL client implementation in IBM JDK to<br>reject DH key sizes below 768 bits to address the CVE-2015-4000 issue.<br>Refer to Red Hat Bugzilla bug 1223211, linked to in the References section,<br>for additional details about this change.<br>All users of java-1.7.1-ibm are advised to upgrade to these updated<br>packages, containing the IBM Java SE 7R1 SR3-FP10 release. All running<br>instances of IBM Java must be restarted for the update to take effect.<br>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/java | <1.7.1-ibm-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-demo-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-demo-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-devel-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-devel-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-devel-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-devel-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-plugin-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-plugin-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-src-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-src-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-demo-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-demo-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-devel-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-devel-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-plugin-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-plugin-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-src-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-src-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-demo-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-demo-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-devel-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-devel-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-plugin-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-plugin-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-src-1.7.1.3.10-1jpp.3.el6_7 | 1.7.1-ibm-src-1.7.1.3.10-1jpp.3.el6_7 |
| redhat/java | <1.7.1-ibm-demo-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-demo-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-jdbc-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-src-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-src-1.7.1.3.10-1jpp.1.el7_1 |
| redhat/java | <1.7.1-ibm-plugin-1.7.1.3.10-1jpp.1.el7_1 | 1.7.1-ibm-plugin-1.7.1.3.10-1jpp.1.el7_1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1223211
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1241965
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242019
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242234
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242240
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242275
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242281
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242372
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242379
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242394
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242447
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1242456
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243139
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243283
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243284
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243286
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243287
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243290
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1243300
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1244828
- https://access.redhat.com/security/updates/classification/#critical
- http://www.ibm.com/developerworks/java/jdk/alerts/
- https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33
- https://access.redhat.com/errata/RHSA-2015:1485 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/redhat-errata
- anchor-id/RHSA-2015:1485
- package-manager/redhat