Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in IBM Java5 JRE und IBM Java5 SDK
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in IBM Java5 JRE und IBM Java5 SDK
ID: SUSE-SU-2011:0863-2
Distribution: SUSE
Plattformen: SUSE Open Enterprise Server, SUSE Novell Linux POS 9, SUSE CORE 9
Datum: Do, 11. August 2011, 14:39
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815
Applikationen: IBM JDK for Linux, IBM JDK for Linux

Originalnachricht

 
   SUSE Security Update: Security update for IBM Java5 JRE and SDK
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0863-2
Rating:             important
References:         #707244 
Affected Products:
                    SUSE CORE 9
                    Open Enterprise Server
                    Novell Linux POS 9
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:


   IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and
   security issues.

   Following security issues were fixed:

   *

   CVE-2011-0865: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, 5.0 Update 29 and earlier, and
   1.4.2_31 and earlier allows remote untrusted Java Web Start
   applications and untrusted Java applets to affect integrity
   via unknown vectors related to Deserialization.

   *

   CVE-2011-0866: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, 5.0 Update 29 and earlier, and
   1.4.2_31 and earlier, when running on Windows, allows
   remote untrusted Java Web Start applications and untrusted
   Java applets to affect confidentiality, integrity, and
   availability via unknown vectors related to Java Runtime
   Environment.

   *

   CVE-2011-0802: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, when running on Windows, allows
   remote untrusted Java Web Start applications and untrusted
   Java applets to affect confidentiality, integrity, and
   availability via unknown vectors related to Deployment, a
   different vulnerability than CVE-2011-0786.

   *

   CVE-2011-0814: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, 5.0 Update 29 and earlier, and
   1.4.2_31 and earlier allows remote attackers to affect
   confidentiality, integrity, and availability via unknown
   vectors related to Sound, a different vulnerability than
   CVE-2011-0802.

   *

   CVE-2011-0815: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, 5.0 Update 29 and earlier, and
   1.4.2_31 and earlier allows remote untrusted Java Web Start
   applications and untrusted Java applets to affect
   confidentiality, integrity, and availability via unknown
   vectors related to AWT.

   *

   CVE-2011-0862: Multiple unspecified vulnerabilities
   in the Java Runtime Environment (JRE) component in Oracle
   Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier,
   and 1.4.2_31 and earlier allow remote attackers to affect
   confidentiality, integrity, and availability via unknown
   vectors related to 2D.

   *

   CVE-2011-0867: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, 5.0 Update 29 and earlier, and
   1.4.2_31 and earlier allows remote untrusted Java Web Start
   applications and untrusted Java applets to affect
   confidentiality via unknown vectors related to Networking.

   *

   CVE-2011-0871: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, 5.0 Update 29 and earlier, and
   1.4.2_31 and earlier allows remote untrusted Java Web Start
   applications and untrusted Java applets to affect
   confidentiality, integrity, and availability via unknown
   vectors related to Swing.

   *

   CVE-2011-0872: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier allows remote attackers to affect
   availability via unknown vectors related to NIO.

   *

   CVE-2011-0873: Unspecified vulnerability in the Java
   Runtime Environment (JRE) component in Oracle Java SE 6
   Update 25 and earlier, and 5.0 Update 29 and earlier,
   allows remote attackers to affect confidentiality,
   integrity, and availability via unknown vectors related to
   2D.

Indications:

   Please install this update.


Package List:

   - SUSE CORE 9 (i586 ppc ppc64 s390 s390x x86_64):

      IBMJava5-JRE-1.5.0_sr12.5-0.6
      IBMJava5-SDK-1.5.0_sr12.5-0.6

   - Open Enterprise Server (i586):

      IBMJava5-JRE-1.5.0_sr12.5-0.6
      IBMJava5-SDK-1.5.0_sr12.5-0.6

   - Novell Linux POS 9 (i586):

      IBMJava5-JRE-1.5.0_sr12.5-0.6
      IBMJava5-SDK-1.5.0_sr12.5-0.6


References:

   https://bugzilla.novell.com/707244
   ?keywords=daac3f2447217cb1cc0ac6468eb37edc

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung