Bug 891701 – VUL-0: java-1_7_0-ibm SR7-FP1

Bug 891701 - VUL-0: java-1_7_0-ibm SR7-FP1


Summary:	VUL-0: java-1_7_0-ibm SR7-FP1

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle11-sp3:58605 maint:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2014-08-13 08:11 UTC by Tomáš Chvátal
Modified:	2015-11-30 09:50 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tomáš Chvátal 2014-08-13 08:11:06 UTC

java-1_7_0-ibm update was released.

References:
http://www.ibm.com/developerworks/java/jdk/linux/download.html

Comment 1 Alexander Bergmann 2014-08-13 15:08:34 UTC

CVE List for 7R1 SR1-FP1:

http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_July_15_2014_CPU

CVE-2014-4227: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62609
CVE-2014-4262: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62612
CVE-2014-4219: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62716
CVE-2014-4209: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62616
CVE-2014-4220: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62617
CVE-2014-4268: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62620
CVE-2014-4218: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62622
CVE-2014-4252: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62625
CVE-2014-4266: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62626
CVE-2014-4265: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62627
CVE-2014-4221: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62628
CVE-2014-4263: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62630
CVE-2014-4244: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62632
CVE-2014-4208: http://www-01.ibm.com/support/docview.wss?uid=swg1IV62633

Comment 2 Swamp Workflow Management 2014-08-13 15:27:24 UTC

An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-08-27.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58581

Comment 3 SMASH SMASH 2014-08-13 15:30:12 UTC

Affected packages:

SLE-11-SP3: java-1_7_0-ibm

Comment 4 Swamp Workflow Management 2014-08-13 22:00:34 UTC

bugbot adjusting priority

Comment 7 Swamp Workflow Management 2014-08-19 22:04:30 UTC

SUSE-SU-2014:1037-1: An update that fixes 14 vulnerabilities is now available.

Category: security (moderate)
Bug References: 891701
CVE References: CVE-2014-4208,CVE-2014-4209,CVE-2014-4218,CVE-2014-4219,CVE-2014-4220,CVE-2014-4221,CVE-2014-4227,CVE-2014-4244,CVE-2014-4252,CVE-2014-4262,CVE-2014-4263,CVE-2014-4265,CVE-2014-4266,CVE-2014-4268
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    java-1_7_0-ibm-1.7.0_sr7.1-0.5.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    java-1_7_0-ibm-1.7.0_sr7.1-0.5.1
SUSE Linux Enterprise Server 11 SP3 (src):    java-1_7_0-ibm-1.7.0_sr7.1-0.5.1
SUSE Linux Enterprise Java 11 SP3 (src):    java-1_7_0-ibm-1.7.0_sr7.1-0.5.1

Comment 8 Alexander Bergmann 2014-08-26 08:32:07 UTC

Released.

Comment 9 Swamp Workflow Management 2015-02-21 00:05:54 UTC

SUSE-SU-2015:0344-1: An update that solves two vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 891701,901223,901239,904889,916265,916266
CVE References: CVE-2014-8891,CVE-2014-8892
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    java-1_7_0-ibm-1.7.0_sr8.10-0.6.4, java-1_7_0-ibm-1.7.0_sr8.10-0.6.5