Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in IBM Java5 JRE/SDK
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in IBM Java5 JRE/SDK
ID: SUSE-SU-2011:0863-2
Distribution: SUSE
Plattformen: SUSE Open Enterprise Server, SUSE Novell Linux POS 9, SUSE CORE 9
Datum: Do, 11. August 2011, 14:39
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873
Applikationen: IBM Java5 JRE/SDK

Originalnachricht

   SUSE Security Update: Security update for IBM Java5 JRE and SDK
______________________________________________________________________________

Announcement ID: SUSE-SU-2011:0863-2
Rating: important
References: #707244
Affected Products:
SUSE CORE 9
Open Enterprise Server
Novell Linux POS 9
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:


IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and
security issues.

Following security issues were fixed:

*

CVE-2011-0865: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect integrity
via unknown vectors related to Deserialization.

*

CVE-2011-0866: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier, when running on Windows, allows
remote untrusted Java Web Start applications and untrusted
Java applets to affect confidentiality, integrity, and
availability via unknown vectors related to Java Runtime
Environment.

*

CVE-2011-0802: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, when running on Windows, allows
remote untrusted Java Web Start applications and untrusted
Java applets to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a
different vulnerability than CVE-2011-0786.

*

CVE-2011-0814: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote attackers to affect
confidentiality, integrity, and availability via unknown
vectors related to Sound, a different vulnerability than
CVE-2011-0802.

*

CVE-2011-0815: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown
vectors related to AWT.

*

CVE-2011-0862: Multiple unspecified vulnerabilities
in the Java Runtime Environment (JRE) component in Oracle
Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier,
and 1.4.2_31 and earlier allow remote attackers to affect
confidentiality, integrity, and availability via unknown
vectors related to 2D.

*

CVE-2011-0867: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect
confidentiality via unknown vectors related to Networking.

*

CVE-2011-0871: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown
vectors related to Swing.

*

CVE-2011-0872: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier allows remote attackers to affect
availability via unknown vectors related to NIO.

*

CVE-2011-0873: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, and 5.0 Update 29 and earlier,
allows remote attackers to affect confidentiality,
integrity, and availability via unknown vectors related to
2D.

Indications:

Please install this update.


Package List:

- SUSE CORE 9 (i586 ppc ppc64 s390 s390x x86_64):

IBMJava5-JRE-1.5.0_sr12.5-0.6
IBMJava5-SDK-1.5.0_sr12.5-0.6

- Open Enterprise Server (i586):

IBMJava5-JRE-1.5.0_sr12.5-0.6
IBMJava5-SDK-1.5.0_sr12.5-0.6

- Novell Linux POS 9 (i586):

IBMJava5-JRE-1.5.0_sr12.5-0.6
IBMJava5-SDK-1.5.0_sr12.5-0.6


References:

https://bugzilla.novell.com/707244
?keywords=daac3f2447217cb1cc0ac6468eb37edc

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung