SUSE-SU-2014:0266-3: important: Security update for IBM Java 6

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Feb 24 14:04:14 MST 2014


   SUSE Security Update: Security update for IBM Java 6
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0266-3
Rating:             important
References:         #862064 
Cross-References:   CVE-2013-5878 CVE-2013-5884 CVE-2013-5887
                    CVE-2013-5888 CVE-2013-5889 CVE-2013-5896
                    CVE-2013-5898 CVE-2013-5899 CVE-2013-5907
                    CVE-2013-5910 CVE-2014-0368 CVE-2014-0373
                    CVE-2014-0375 CVE-2014-0376 CVE-2014-0387
                    CVE-2014-0403 CVE-2014-0410 CVE-2014-0411
                    CVE-2014-0415 CVE-2014-0416 CVE-2014-0417
                    CVE-2014-0422 CVE-2014-0423 CVE-2014-0424
                    CVE-2014-0428
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Server 11 SP1 LTSS
                    SUSE Linux Enterprise Server 10 SP4 LTSS
                    SUSE Linux Enterprise Java 11 SP3
______________________________________________________________________________

   An update that fixes 25 vulnerabilities is now available.

Description:


   IBM Java 6 was updated to version SR15-FP1 which received
   security and bug  fixes.

   More information at:
   http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja
   nuary_14_2014_CPU
   <http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J
   anuary_14_2014_CPU>

   Security Issue references:

   * CVE-2014-0428
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
   >
   * CVE-2014-0422
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
   >
   * CVE-2013-5907
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
   >
   * CVE-2014-0417
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
   >
   * CVE-2014-0373
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
   >
   * CVE-2014-0423
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
   >
   * CVE-2014-0376
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
   >
   * CVE-2014-0376
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
   >
   * CVE-2014-0416
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
   >
   * CVE-2014-0368
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
   >
   * CVE-2014-0411
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
   >
   * CVE-2014-0428
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
   >
   * CVE-2014-0422
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
   >
   * CVE-2013-5907
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
   >
   * CVE-2014-0415
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
   >
   * CVE-2014-0410
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
   >
   * CVE-2013-5889
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
   >
   * CVE-2014-0417
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
   >
   * CVE-2014-0387
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
   >
   * CVE-2014-0424
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
   >
   * CVE-2013-5878
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
   >
   * CVE-2014-0373
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
   >
   * CVE-2014-0375
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
   >
   * CVE-2014-0403
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
   >
   * CVE-2014-0423
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
   >
   * CVE-2014-0376
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
   >
   * CVE-2013-5910
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
   >
   * CVE-2013-5884
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
   >
   * CVE-2013-5896
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
   >
   * CVE-2014-0376
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
   >
   * CVE-2013-5899
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
   >
   * CVE-2014-0416
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
   >
   * CVE-2013-5887
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
   >
   * CVE-2014-0368
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
   >
   * CVE-2013-5888
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
   >
   * CVE-2013-5898
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
   >
   * CVE-2014-0411
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-java-1_6_0-ibm-8896

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-java-1_6_0-ibm-8896

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-java-1_6_0-ibm-8896

   - SUSE Linux Enterprise Server 11 SP1 LTSS:

      zypper in -t patch slessp1-java-1_6_0-ibm-8901

   - SUSE Linux Enterprise Java 11 SP3:

      zypper in -t patch slejsp3-java-1_6_0-ibm-8896

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64):

      java-1_6_0-ibm-devel-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64):

      java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):

      java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586):

      java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64):

      java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64):

      java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP3 (i586):

      java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64):

      java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64):

      java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586):

      java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):

      java-1_5_0-ibm-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-devel-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-fonts-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-1.6.0_sr15.1-0.15.1
      java-1_6_0-ibm-devel-1.6.0_sr15.1-0.15.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.15.1
      java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.15.1

   - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):

      java-1_5_0-ibm-32bit-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-devel-32bit-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-32bit-1.6.0_sr15.1-0.15.1
      java-1_6_0-ibm-devel-32bit-1.6.0_sr15.1-0.15.1

   - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64):

      java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.15.1

   - SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64):

      java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-alsa-32bit-1.6.0_sr15.1-0.15.1
      java-1_6_0-ibm-plugin-32bit-1.6.0_sr15.1-0.15.1

   - SUSE Linux Enterprise Server 10 SP4 LTSS (i586):

      java-1_5_0-ibm-alsa-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-jdbc-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-plugin-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.15.1

   - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64):

      java-1_6_0-ibm-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-devel-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.6.1
      java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64):

      java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.6.1

   - SUSE Linux Enterprise Java 11 SP3 (i586):

      java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.6.1


References:

   http://support.novell.com/security/cve/CVE-2013-5878.html
   http://support.novell.com/security/cve/CVE-2013-5884.html
   http://support.novell.com/security/cve/CVE-2013-5887.html
   http://support.novell.com/security/cve/CVE-2013-5888.html
   http://support.novell.com/security/cve/CVE-2013-5889.html
   http://support.novell.com/security/cve/CVE-2013-5896.html
   http://support.novell.com/security/cve/CVE-2013-5898.html
   http://support.novell.com/security/cve/CVE-2013-5899.html
   http://support.novell.com/security/cve/CVE-2013-5907.html
   http://support.novell.com/security/cve/CVE-2013-5910.html
   http://support.novell.com/security/cve/CVE-2014-0368.html
   http://support.novell.com/security/cve/CVE-2014-0373.html
   http://support.novell.com/security/cve/CVE-2014-0375.html
   http://support.novell.com/security/cve/CVE-2014-0376.html
   http://support.novell.com/security/cve/CVE-2014-0387.html
   http://support.novell.com/security/cve/CVE-2014-0403.html
   http://support.novell.com/security/cve/CVE-2014-0410.html
   http://support.novell.com/security/cve/CVE-2014-0411.html
   http://support.novell.com/security/cve/CVE-2014-0415.html
   http://support.novell.com/security/cve/CVE-2014-0416.html
   http://support.novell.com/security/cve/CVE-2014-0417.html
   http://support.novell.com/security/cve/CVE-2014-0422.html
   http://support.novell.com/security/cve/CVE-2014-0423.html
   http://support.novell.com/security/cve/CVE-2014-0424.html
   http://support.novell.com/security/cve/CVE-2014-0428.html
   https://bugzilla.novell.com/862064
   http://download.novell.com/patch/finder/?keywords=31bff4adf7f4091ce92bf4450ff8b1f3
   http://download.novell.com/patch/finder/?keywords=49593e2ab0f92f334869c11ea4658f10
   http://download.novell.com/patch/finder/?keywords=80342541418cc3f0cde43530feba3e08
   http://download.novell.com/patch/finder/?keywords=bc9c0f6c8b696630ae6e85a990a72405



More information about the sle-security-updates mailing list