Security Bulletin: Multiple vulnerabilities in IBM SDK for Java Technology Edition affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3566)

Summary There are multiple vulnerabilities in IBM SDK for Java Technology Edition that is used by IBM Business Process Manager and WebSphere Lombardi Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues wer...

SUSE-SU-2018:0645-1 Security update for java-1_7_0-ibm

This update for java-170-ibm provides the following fixes: The version was updated to 7.0.10.20 bsc1082810: Following security issues were fixed: - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602...

RHEL 7 : java-1.8.0-ibm (RHSA-2018:0351)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0351 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

BSA-2018-564

Security Advisory ID : BSA-2018-564 Component : Oracle Java Revision : 1.1: update The January 2018 Critical Patch Update provides security updatesfor certain Oracle Java Platform software libraries. Java SE JDK and JRE versions through 6u171, 7u161, 8u152, and 9.0.1 are affected by vulnerabiliti...

RHEL 7 : java-1.8.0-oracle (RHSA-2018:0099)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0099 advisory. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades...

SUSE-SU-2017:3455-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Security update to version 7.1.4.15 bsc1070162 CVE-2017-10349: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u15...

October 19, 2017 – Morning Cyber Coffee Headlines – “NCAA Football” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 19, 2017 - Headlines Carbon Black in the News: Did you hear about the...

SUSE-SU-2017:1400-1 Security update for java-1_7_0-openjdk

This update for java-170-openjdk fixes the following issues: - Update to 2.6.10 - OpenJDK 7u141 bsc1034849 Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-3514:...

SUSE-SU-2017:1384-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: Version update to 7.0-10.5 bsc1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ...

SUSE-SU-2016:3078-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - CVE-2016-5568: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT - CVE-2016-5556: Unspecified vulnerability allowed remote attackers to affect...

F5 Networks BIG-IP : Java vulnerabilities (K50118123)

CVE-2016-0466 Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP. CVE-2016-0483 Unspecified vulnerability ...

F5 BIG-IP - Java vulnerabilities CVE-2013-5825 and CVE-2013-5830

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP. Unspecifi...

F5 Networks BIG-IP : Java vulnerabilities (K48802597)

CVE-2013-5825 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to...

SOL48802597 - Java vulnerabilities CVE-2013-5825 and CVE-2013-5830

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

SOL95313044 - Multiple Java vulnerabilities

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

SUSE-SU-2016:1378-1 Security update for java-1_7_0-ibm

This IBM Java 1.7.0 SR9 FP40 release fixes the following issues: Security issues fixed: - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM bsc977648 - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix bsc977650 - CVE-2016-0376: insecure...

SUSE-SU-2016:1248-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following security issues - April 2016 Oracle CPU bsc976340: - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified...

MGASA-2016-0149 Updated java-1.8.0-openjdk packages fix security vulnerabilities

Updated java-1.8.0-openjdk packages fix security vulnerabilities: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions CVE-2016-0686, CVE-2016-0687. It wa...

JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D...

SOL50118123 - Java vulnerabilities CVE-2016-0466 and CVE-2016-0483

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...