Red Hat Security Advisory: java-1.7.0-ibm security update
🔗 CVE IDs covered (13)
📋 Description
CVE-2005-1080 — jar: directory traversal vulnerability CVE-2015-0138 — JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK) CVE-2015-0192 — JDK: unspecified Java sandbox restrictions bypass CVE-2015-0458 — JDK: unspecified vulnerability fixed in 6u95, 7u79 and 8u45 (Deployment) CVE-2015-0459 — JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D) CVE-2015-0469 — ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699) CVE-2015-0477 — OpenJDK: incorrect permissions check in resource loading (Beans, 8068320) CVE-2015-0478 — OpenJDK: insufficient hardening of RSA-CRT implementation (JCE, 8071726) CVE-2015-0480 — OpenJDK: jar directory traversal issues (Tools, 8064601) CVE-2015-0488 — OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720) CVE-2015-0491 — JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D) CVE-2015-1914 — JDK: unspecified partial Java sandbox restrictions bypass CVE-2015-2808 — SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
🔗 References (18)
- selfhttps://access.redhat.com/errata/RHSA-2015:1007
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttps://www.ibm.com/developerworks/java/jdk/alerts/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1207101#c4
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=606442
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1207101
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1210355
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1210829
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211299
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211504
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211543
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211768
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211769
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211771
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1219212
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1219215
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1219223
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1007.json