SUSE Security Update: Security update for IBM Java 7
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0733-2
Rating:             important
References:         #877429 
Cross-References:   CVE-2013-6629 CVE-2013-6954 CVE-2014-0428
                    CVE-2014-0429 CVE-2014-0446 CVE-2014-0448
                    CVE-2014-0449 CVE-2014-0451 CVE-2014-0452
                    CVE-2014-0453 CVE-2014-0454 CVE-2014-0455
                    CVE-2014-0457 CVE-2014-0458 CVE-2014-0459
                    CVE-2014-0460 CVE-2014-0461 CVE-2014-0878
                    CVE-2014-1876 CVE-2014-2398 CVE-2014-2401
                    CVE-2014-2402 CVE-2014-2409 CVE-2014-2412
                    CVE-2014-2414 CVE-2014-2420 CVE-2014-2421
                    CVE-2014-2423 CVE-2014-2427 CVE-2014-2428
                   
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Java 11 SP3
______________________________________________________________________________

   An update that fixes 30 vulnerabilities is now available.

Description:


   IBM Java 7 was updated to version SR7, which received security and bug
   fixes.

   More information is available at:
   http://www.ibm.com/developerworks/java/jdk/aix/j764/Java7_64.fixes.html#SR7
   <Java7_64.fixes.html#SR
   7>

   Security Issues references:

       * CVE-2013-6629
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629>
       * CVE-2013-6954
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954>
       * CVE-2014-0429
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429>
       * CVE-2014-0446
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446>
       * CVE-2014-0448
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448>
       * CVE-2014-0449
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449>
       * CVE-2014-0451
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451>
       * CVE-2014-0452
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452>
       * CVE-2014-0457
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457>
       * CVE-2014-0458
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458>
       * CVE-2014-0459
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459>
       * CVE-2014-0460
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460>
       * CVE-2014-0461
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461>
       * CVE-2014-1876
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876>
       * CVE-2014-2398
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398>
       * CVE-2014-2401
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401>
       * CVE-2014-2402
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402>
       * CVE-2014-2409
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409>
       * CVE-2014-2412
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412>
       * CVE-2014-2414
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414>
       * CVE-2014-2420
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420>
       * CVE-2014-2421
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421>
       * CVE-2014-2423
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423>
       * CVE-2014-2427
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427>
       * CVE-2014-2428
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428>
       * CVE-2014-0455
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455>
       * CVE-2014-0428
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428>
       * CVE-2014-0453
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453>
       * CVE-2014-0454
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454>
       * CVE-2014-0878
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0878>


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-java-1_7_0-ibm-9263

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-java-1_7_0-ibm-9263

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-java-1_7_0-ibm-9263

   - SUSE Linux Enterprise Java 11 SP3:

      zypper in -t patch slejsp3-java-1_7_0-ibm-9263

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x
 x86_64):

      java-1_7_0-ibm-devel-1.7.0_sr7.0-0.5.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):

      java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-alsa-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-jdbc-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-plugin-1.7.0_sr7.0-0.5.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64):

      java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-jdbc-1.7.0_sr7.0-0.5.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64):

      java-1_7_0-ibm-alsa-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-plugin-1.7.0_sr7.0-0.5.1

   - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64):

      java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-devel-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-jdbc-1.7.0_sr7.0-0.5.1

   - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64):

      java-1_7_0-ibm-alsa-1.7.0_sr7.0-0.5.1
      java-1_7_0-ibm-plugin-1.7.0_sr7.0-0.5.1


References:

   http://support.novell.com/security/cve/CVE-2013-6629.html
   http://support.novell.com/security/cve/CVE-2013-6954.html
   http://support.novell.com/security/cve/CVE-2014-0428.html
   http://support.novell.com/security/cve/CVE-2014-0429.html
   http://support.novell.com/security/cve/CVE-2014-0446.html
   http://support.novell.com/security/cve/CVE-2014-0448.html
   http://support.novell.com/security/cve/CVE-2014-0449.html
   http://support.novell.com/security/cve/CVE-2014-0451.html
   http://support.novell.com/security/cve/CVE-2014-0452.html
   http://support.novell.com/security/cve/CVE-2014-0453.html
   http://support.novell.com/security/cve/CVE-2014-0454.html
   http://support.novell.com/security/cve/CVE-2014-0455.html
   http://support.novell.com/security/cve/CVE-2014-0457.html
   http://support.novell.com/security/cve/CVE-2014-0458.html
   http://support.novell.com/security/cve/CVE-2014-0459.html
   http://support.novell.com/security/cve/CVE-2014-0460.html
   http://support.novell.com/security/cve/CVE-2014-0461.html
   http://support.novell.com/security/cve/CVE-2014-0878.html
   http://support.novell.com/security/cve/CVE-2014-1876.html
   http://support.novell.com/security/cve/CVE-2014-2398.html
   http://support.novell.com/security/cve/CVE-2014-2401.html
   http://support.novell.com/security/cve/CVE-2014-2402.html
   http://support.novell.com/security/cve/CVE-2014-2409.html
   http://support.novell.com/security/cve/CVE-2014-2412.html
   http://support.novell.com/security/cve/CVE-2014-2414.html
   http://support.novell.com/security/cve/CVE-2014-2420.html
   http://support.novell.com/security/cve/CVE-2014-2421.html
   http://support.novell.com/security/cve/CVE-2014-2423.html
   http://support.novell.com/security/cve/CVE-2014-2427.html
   http://support.novell.com/security/cve/CVE-2014-2428.html
   https://bugzilla.novell.com/877429
   ?keywords=17742af872c505eb5cddf057e924c505

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org