Bug 938895 (CVE-2015-1931)

Summary: VUL-0: java-1_5_0-ibm,java-1_6_0-ibm,java-1_7_0-ibm,java-1_7_1-ibm: IBM July 2015 Java update
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: astieger, bugproxy, hannsj_uhl, jreuter, mcowley, meissner, smash_bz, tstaudt
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/119126/
See Also: https://bugzilla.linux.ibm.com/show_bug.cgi?id=127869
Whiteboard: maint:released:sle10-sp3:62271 CVSSv2:RedHat:CVE-2015-1931:1.9:(AV:L/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2590:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-2596:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:NVD:CVE-2015-2597:7.2:(AV:L/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-2601:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2613:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2619:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2621:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2625:2.6:(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2627:2.6:(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2628:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-2632:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2637:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2015-2638:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-2659:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSSv2:NVD:CVE-2015-2664:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-4729:4.0:(AV:N/AC:H/Au:N/C:P/I:P/A:N) CVSSv2:NVD:CVE-2015-4731:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-4732:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-4733:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-4736:9.3:(AV:N/AC:M/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-4748:7.6:(AV:N/AC:H/Au:N/C:C/I:C/A:C) CVSSv2:NVD:CVE-2015-4749:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv2:NVD:CVE-2015-4760:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:RedHat:CVE-2015-2590:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-2596:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:RedHat:CVE-2015-2597:7.2:(AV:L/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:RedHat:CVE-2015-2601:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2613:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2619:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2621:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2625:2.6:(AV:N/AC:H/Au:N/C:N/I:P/A:N) CVSSv2:RedHat:CVE-2015-2627:2.6:(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2628:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-2632:2.6:(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2632:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2637:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2015-2638:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-2659:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSSv2:RedHat:CVE-2015-2664:4.4:(AV:L/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-4729:4.0:(AV:N/AC:H/Au:N/C:P/I:P/A:N) CVSSv2:RedHat:CVE-2015-4731:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-4732:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-4733:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-4736:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-4748:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:RedHat:CVE-2015-4749:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv2:RedHat:CVE-2015-4760:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2015-4760:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:UNK(Oracle):CVE-2015-2590:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-2596:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:UNK(Oracle):CVE-2015-2597:7.2:(AV:L/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-2601:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2613:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2619:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2621:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2625:2.6:(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2627:2.6:(AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2628:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-2632:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2637:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:UNK(Oracle):CVE-2015-2638:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-2659:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSSv2:UNK(Oracle):CVE-2015-2664:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-4729:4.0:(AV:N/AC:H/Au:N/C:P/I:P/A:N) CVSSv2:UNK(Oracle):CVE-2015-4731:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-4732:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-4733:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-4736:9.3:(AV:N/AC:M/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-4748:7.6:(AV:N/AC:H/Au:N/C:C/I:C/A:C) CVSSv2:UNK(Oracle):CVE-2015-4749:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv2:UNK(Oracle):CVE-2015-4760:10.0:(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 925378    

Description Johannes Segitz 2015-07-21 09:59:41 UTC
http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2015

IBM fixes the security issues fixed in Oracle Java as applicable and one additional issue
specific to IBM java (CVE-2015-1931).

Security issues by package:
java-1_7_0-ibm
- CVE-2015-1931
- CVE-2015-2638
- CVE-2015-4733
- CVE-2015-4732
- CVE-2015-2590
- CVE-2015-4731
- CVE-2015-4760
- CVE-2015-4748
- CVE-2015-2664
- CVE-2015-2632
- CVE-2015-2637
- CVE-2015-2619
- CVE-2015-2621
- CVE-2015-2613
- CVE-2015-2601
- CVE-2015-4749
- CVE-2015-4000
- CVE-2015-4729
- CVE-2015-2808
- CVE-2015-2625

java-1_7_1-ibm
- CVE-2015-1931
- CVE-2015-2638
- CVE-2015-4733
- CVE-2015-4732
- CVE-2015-2590
- CVE-2015-4731
- CVE-2015-4760
- CVE-2015-4748
- CVE-2015-2664
- CVE-2015-2632
- CVE-2015-2637
- CVE-2015-2619
- CVE-2015-2621
- CVE-2015-2613
- CVE-2015-2601
- CVE-2015-4749
- CVE-2015-4000
- CVE-2015-4729
- CVE-2015-2808
- CVE-2015-2625

java-1_6_0-ibm
- CVE-2015-1931
- CVE-2015-2638
- CVE-2015-4733
- CVE-2015-4732
- CVE-2015-2590
- CVE-2015-4731
- CVE-2015-4760
- CVE-2015-4748
- CVE-2015-2664
- CVE-2015-2632
- CVE-2015-2637
- CVE-2015-2621
- CVE-2015-2601
- CVE-2015-4749
- CVE-2015-4000
- CVE-2015-2808
- CVE-2015-2625

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1244828
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1931
Comment 1 Swamp Workflow Management 2015-07-21 10:04:44 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2015-07-28.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62226
Comment 2 Andreas Stieger 2015-07-21 10:15:26 UTC
CVE-2015-4000 is bug 931600
Comment 3 Andreas Stieger 2015-07-21 10:24:36 UTC
CVE-2015-2808 is bug 925378 (RC4)
Comment 4 Tomáš Chvátal 2015-07-21 10:50:14 UTC
Atm it ain't downloadable, will try tomorrow:

https://www-01.ibm.com/marketing/iwm/iwm/web/preLogin.do?source=swg-sdk6&S_PKG=amd64_6.0.16.7&S_TACT=105AGX05&S_CMP=JDK
HTTP Error 500: Internal Server Error
https://www-01.ibm.com/marketing/iwm/iwm/web/preLogin.do?source=swg-sdk8&S_PKG=amd64_8.0.1.10&S_TACT=105AGX05&S_CMP=JDK
HTTP Error 500: Internal Server Error
Comment 5 Johannes Segitz 2015-07-21 11:03:17 UTC
Also java-1_5_0-ibm
- CVE-2015-1931
- CVE-2015-2638
- CVE-2015-4733
- CVE-2015-4732
- CVE-2015-2590
- CVE-2015-4731
- CVE-2015-4760
- CVE-2015-4748
- CVE-2015-2664
- CVE-2015-2632
- CVE-2015-2637
- CVE-2015-2621
- CVE-2015-2601
- CVE-2015-4749
- CVE-2015-4000
- CVE-2015-2808
Comment 6 Hanns-Joachim Uhl 2015-07-21 13:37:08 UTC
(In reply to Johannes Segitz from comment #5)
> Also java-1_5_0-ibm
.
fyi ... with regard to the updated IBM Java "5.0.16.13" as outlined at
http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_July_14_2015_CPU
please note that there will be no further Java 5 updates on DeveloperWorks because of the Sept 2015 EOS date for IBM Java 5 ...
.
... so to pick up 5.0.16.13 you will need to go to Fix Central:
http://www-933.ibm.com/support/fixcentral/
.
... as an example here is a link to the fixpack for Linux 64-bit,zSeries:
http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=5.0.16.13&platform=Linux+64-bit,zSeries&function=aparId&apars=IV75129 
.
Comment 7 Tomáš Chvátal 2015-07-21 13:56:44 UTC
(In reply to Hanns-Joachim Uhl from comment #6)
> (In reply to Johannes Segitz from comment #5)
> > Also java-1_5_0-ibm
> .
> fyi ... with regard to the updated IBM Java "5.0.16.13" as outlined at
> http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_July_14_2015_CPU
> please note that there will be no further Java 5 updates on DeveloperWorks
> because of the Sept 2015 EOS date for IBM Java 5 ...
> .
> ... so to pick up 5.0.16.13 you will need to go to Fix Central:
> http://www-933.ibm.com/support/fixcentral/
> .
> ... as an example here is a link to the fixpack for Linux 64-bit,zSeries:
> http://www-933.ibm.com/support/fixcentral/swg/
> selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/
> Java+Standard+Edition+%28Java+SE%29&release=5.0.16.13&platform=Linux+64-bit,
> zSeries&function=aparId&apars=IV75129 
> .

Hm, when I tried to download this I failed because on using our arcane login it said it has not verified email address, which I dunno what was anyway, so I will have to create new account. (will do tomorrow)

Slightly unrelated question: Do you have to redesign/tweak the wepage for regular downlaod with almost each release of ibmjava?  I have to usually 1-2 hours tweaking the download scrapper just to get the resulting ~20 .bin files?

Not having to go over 4 pages formular checking that "no I don't want to get promo materials" everytime is quite not what I would consider fun. Even with the two hours editing I consider it less pain than this form clicking :)

Great solution would be if you guys set-up ftp for partners only where we could simply fetch the files and bypass this lovely download mechanisms.
Comment 8 Swamp Workflow Management 2015-07-21 21:59:39 UTC
bugbot adjusting priority
Comment 9 Tomáš Chvátal 2015-07-22 09:05:47 UTC
I am unable to download 7.0-9.10 for s390. It is not available on the page:

https://www.ibm.com/services/forms/preLogin.do?source=swg-sdk7&S_PKG=zseries31_7.0.9.10&S_TACT=105AGX05&S_CMP=JDK
Comment 10 Tomáš Chvátal 2015-07-22 11:22:09 UTC
(In reply to Hanns-Joachim Uhl from comment #6)
> (In reply to Johannes Segitz from comment #5)
> > Also java-1_5_0-ibm
> .
> fyi ... with regard to the updated IBM Java "5.0.16.13" as outlined at
> http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_July_14_2015_CPU
> please note that there will be no further Java 5 updates on DeveloperWorks
> because of the Sept 2015 EOS date for IBM Java 5 ...
> .
> ... so to pick up 5.0.16.13 you will need to go to Fix Central:
> http://www-933.ibm.com/support/fixcentral/
> .
> ... as an example here is a link to the fixpack for Linux 64-bit,zSeries:
> http://www-933.ibm.com/support/fixcentral/swg/
> selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/
> Java+Standard+Edition+%28Java+SE%29&release=5.0.16.13&platform=Linux+64-bit,
> zSeries&function=aparId&apars=IV75129 
> .

I am unable to register new account for the fixcentral. When I click on the IBM My ID I get e-mail confirmation with link (and token) and that shows only blank empty page...

1.7.1 1.6.0 and 1.8.0 are updated in devel:ibmjava.
Comment 11 Tomáš Chvátal 2015-07-27 08:36:42 UTC
Today I managed to get ibmjava 1.5.0 so we have it again in Devel:ibmjava.

The 7.0 series s390 is nowhere to be found per c#9 -> we can't do jdk7 update.

@security: should we wait or should I submit the rest right away?
Comment 12 Johannes Segitz 2015-07-27 09:39:24 UTC
(In reply to Tomáš Chvátal from comment #11)
Please submit right away since we don't know how long this will take
Comment 14 Tomáš Chvátal 2015-07-27 12:06:38 UTC
All submissions done except the 1.7.0 which has missing s390 binary installer.

Let me know if you wish some other platform too.
Comment 21 Hanns-Joachim Uhl 2015-07-30 14:33:19 UTC
(In reply to Tomáš Chvátal from comment #11)
> Today I managed to get ibmjava 1.5.0 so we have it again in Devel:ibmjava.
> 
> The 7.0 series s390 is nowhere to be found per c#9 -> we can't do jdk7
> update.
> 
.
Hello SUSE / Tomas,
... I just got the notice that the 31-bit version for System z for 
"IBM SDK, Java Technology Edition, Version 7, Service Refresh 9 Fix Pack 10"
is now available from developerworks at e.g. from
https://www-01.ibm.com/marketing/iwm/iwm/web/acceptSignup.do?source=swg-sdk7&S_PKG=zseries31_7.0.9.10&S_TACT=105AGX05&S_CMP=JDK&lang=en_US  ..
... can you please check from your side whether this is working for you ..?
Please advise ..
Thanks in advance for your support.
Comment 23 Swamp Workflow Management 2015-07-31 14:09:14 UTC
SUSE-SU-2015:1329-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 935540,938895
CVE References: CVE-2015-1931,CVE-2015-2590,CVE-2015-2601,CVE-2015-2613,CVE-2015-2619,CVE-2015-2621,CVE-2015-2625,CVE-2015-2632,CVE-2015-2637,CVE-2015-2638,CVE-2015-2664,CVE-2015-2808,CVE-2015-4000,CVE-2015-4729,CVE-2015-4731,CVE-2015-4732,CVE-2015-4733,CVE-2015-4748,CVE-2015-4749,CVE-2015-4760
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    java-1_7_1-ibm-1.7.1_sr3.10-3.1
SUSE Linux Enterprise Server 11-SP4 (src):    java-1_7_1-ibm-1.7.1_sr3.10-3.1
Comment 24 LTC BugProxy 2015-08-04 06:13:11 UTC
------- Comment From hannsj_uhl@de.ibm.com 2015-08-03 09:13 EDT-------
.

------- Comment From hannsj_uhl@de.ibm.com 2015-08-04 06:07 EDT-------
.
Comment 25 Swamp Workflow Management 2015-08-05 09:09:19 UTC
SUSE-SU-2015:1345-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 935540,936844,938895
CVE References: CVE-2015-1931,CVE-2015-2590,CVE-2015-2601,CVE-2015-2621,CVE-2015-2625,CVE-2015-2632,CVE-2015-2637,CVE-2015-2638,CVE-2015-2664,CVE-2015-2808,CVE-2015-4000,CVE-2015-4731,CVE-2015-4732,CVE-2015-4733,CVE-2015-4748,CVE-2015-4749,CVE-2015-4760
Sources used:
SUSE Linux Enterprise Module for Legacy Software 12 (src):    java-1_6_0-ibm-1.6.0_sr16.7-22.2
Comment 26 Swamp Workflow Management 2015-08-12 16:09:52 UTC
SUSE-SU-2015:1375-1: An update that fixes 21 vulnerabilities is now available.

Category: security (important)
Bug References: 935540,938895
CVE References: CVE-2015-0192,CVE-2015-1931,CVE-2015-2590,CVE-2015-2601,CVE-2015-2613,CVE-2015-2619,CVE-2015-2621,CVE-2015-2625,CVE-2015-2632,CVE-2015-2637,CVE-2015-2638,CVE-2015-2664,CVE-2015-2808,CVE-2015-4000,CVE-2015-4729,CVE-2015-4731,CVE-2015-4732,CVE-2015-4733,CVE-2015-4748,CVE-2015-4749,CVE-2015-4760
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP3 (src):    java-1_7_0-ibm-1.7.0_sr9.10-9.1
SUSE Linux Enterprise Server for VMWare 11-SP3 (src):    java-1_7_0-ibm-1.7.0_sr9.10-9.1
SUSE Linux Enterprise Server 11-SP3 (src):    java-1_7_0-ibm-1.7.0_sr9.10-9.1
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    java-1_7_0-ibm-1.7.0_sr9.10-9.1
Comment 28 Marcus Meissner 2015-09-08 10:47:47 UTC
all released I thinkl
Comment 29 Swamp Workflow Management 2015-09-08 11:10:40 UTC
SUSE-SU-2015:1509-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 935540,936844,938895,941939
CVE References: CVE-2015-1931,CVE-2015-2590,CVE-2015-2601,CVE-2015-2621,CVE-2015-2625,CVE-2015-2632,CVE-2015-2637,CVE-2015-2638,CVE-2015-2664,CVE-2015-2808,CVE-2015-4000,CVE-2015-4731,CVE-2015-4732,CVE-2015-4733,CVE-2015-4748,CVE-2015-4749,CVE-2015-4760
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP3 (src):    java-1_6_0-ibm-1.6.0_sr16.7-10.1
SUSE Linux Enterprise Server for VMWare 11-SP3 (src):    java-1_6_0-ibm-1.6.0_sr16.7-10.1
SUSE Linux Enterprise Server 11-SP3 (src):    java-1_6_0-ibm-1.6.0_sr16.7-10.1
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    java-1_6_0-ibm-1.6.0_sr16.7-10.1
SUSE Linux Enterprise Server 11-SP1-LTSS (src):    java-1_6_0-ibm-1.6.0_sr16.7-10.1
Comment 30 Leonardo Chiquitto 2015-09-18 18:21:09 UTC
*** Bug 939382 has been marked as a duplicate of this bug. ***