RHSA-2017:0336 (Critical, CVSS 8.8)

Red Hat Security Advisory: java-1.7.1-ibm security update

Published: February 28, 2017
Last Modified: June 3, 2026

🔗 CVE IDs covered (14)

📋 Description

CVE-2016-2183 — SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
CVE-2016-5546 — OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)
CVE-2016-5547 — OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)
CVE-2016-5548 — OpenJDK: DSA implementation timing attack (Libraries, 8168728)
CVE-2016-5549 — OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)
CVE-2016-5552 — OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)
CVE-2017-3231 — OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)
CVE-2017-3241 — OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)
CVE-2017-3252 — OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)
CVE-2017-3253 — OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)
CVE-2017-3259 — JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)
CVE-2017-3261 — OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)
CVE-2017-3272 — OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)
CVE-2017-3289 — OpenJDK: insecure class construction (Hotspot, 8167104)

🔗 References (18)