Security Advisory Critical: java-1.5.0-ibm security update

Advisory: RHSA-2008:0790-9
Type: Security Advisory
Severity: Critical
Issued on: 2008-07-31
Last updated on: 2008-07-31
Affected Products: RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)
RHEL Supplementary EUS (v. 5.2.z server)
Red Hat Enterprise Linux Extras (v. 4)
Red Hat Enterprise Linux Extras (v. 4.6.z)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2008-3104
CVE-2008-3106
CVE-2008-3108
CVE-2008-3111
CVE-2008-3112
CVE-2008-3113
CVE-2008-3114

Details

Updated java-1.5.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and
the IBM Java 2 Software Development Kit.

Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)

A vulnerability in the XML processing API was found. A remote attacker who
caused malicious XML to be processed by an untrusted applet or application
was able to elevate permissions to access URLs on a remote host.
(CVE-2008-3106)

A buffer overflow vulnerability was found in the font processing code. This
allowed remote attackers to extend the permissions of an untrusted applet
or application, allowing it to read and/or write local files, as well as to
execute local applications accessible to the user running the untrusted
application. (CVE-2008-3108)

Several buffer overflow vulnerabilities in Java Web Start were reported.
These vulnerabilities allowed an untrusted Java Web Start application to
elevate its privileges, allowing it to read and/or write local files, as
well as to execute local applications accessible to the user running the
untrusted application. (CVE-2008-3111)

Two file processing vulnerabilities in Java Web Start were found. A remote
attacker, by means of an untrusted Java Web Start application, was able to
create or delete arbitrary files with the permissions of the user running
the untrusted application. (CVE-2008-3112, CVE-2008-3113)

A vulnerability in Java Web Start when processing untrusted applications
was reported. An attacker was able to acquire sensitive information, such
as the cache location. (CVE-2008-3114)

All users of java-1.5.0-ibm are advised to upgrade to these updated
packages, that contain the IBM 1.5.0 SR8 Java release, which resolves
these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Supplementary (v. 5 client)
IA-32:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     4069826a5ae32578fd243e52c064f28b
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     8ba8597f91adfc7a6486ea291d07fa6c
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     922fca3563ab0fe24d0962c592542a65
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     129657ec6478a8d516793e8d1d443922
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     13ec3260ec54277c123966cedf7e65e5
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     07d4c3338805c7729fc648a49914a820
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     01431d232b7a15c41cb013746073564d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     61f53a4baa9e037ab82d8c0ddeb80c87
 
x86_64:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     4069826a5ae32578fd243e52c064f28b
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     22349bec871f7a81e584b69f054481df
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     a28693f4202955e099e44d80168f9c49
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     922fca3563ab0fe24d0962c592542a65
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     b3ff8864b0771d432f31308486dd1ae1
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     129657ec6478a8d516793e8d1d443922
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     8e765b068701f34949853d309c680656
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     13ec3260ec54277c123966cedf7e65e5
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     9db410c8e3442cb9a90f24536f4a8855
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     07d4c3338805c7729fc648a49914a820
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     01431d232b7a15c41cb013746073564d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     61f53a4baa9e037ab82d8c0ddeb80c87
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     1421338342e6f707ea8154c587434b8a
 
RHEL Supplementary (v. 5 server)
IA-32:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     4069826a5ae32578fd243e52c064f28b
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     8ba8597f91adfc7a6486ea291d07fa6c
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     922fca3563ab0fe24d0962c592542a65
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     129657ec6478a8d516793e8d1d443922
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     13ec3260ec54277c123966cedf7e65e5
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     07d4c3338805c7729fc648a49914a820
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     01431d232b7a15c41cb013746073564d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     61f53a4baa9e037ab82d8c0ddeb80c87
 
PPC:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     6700e91baddc692926778bc1e5cb0fde
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:1647		     4ad1cc0b31ee513dd8f833d4688fba26
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     1352e058b913fb18ffd8a75e36317eac
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     e4c3c7751804673b1ee999658724fa40
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:1647		     3841eb717c487edeba3f26f5dd6a6ff2
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     8e961c9694b44126ac32776b7122e93c
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:1647		     ed3ed44e93b59dd1114cb397d7916089
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     a4ab4e6866d65cc0d891c57311c8495d
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:1647		     5fb19c904935d5b7124278a2f12467f4
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     8dbe81acdb629cb9d3c325c85a3eacff
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     c470b43ce712356a679cf00ae9464fa4
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:1647		     af7781efb83e5503910b4199d4d7b78e
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:1647		     73d12d16375dd6fb2ca2f7058fd4a821
 
s390x:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:1647		     05a07277f9f4c94d0af05f2d3146a485
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:1647		     adc073cfd786623afec0131d3ce6b5e1
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:1647		     d2b6ecaca6f4a027baa32870ba343742
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:1647		     dc6ab9b39d1d21ab224fe0a402e85ea1
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:1647		     a04b84dc213b79c0d4cff62473414266
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:1647		     6b3507060a2337b41a92fce56b8ad62c
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:1647		     8859ab10b8b1c63c305fc070e3eecd68
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:1647		     3c72915782ba87bfc2e9c2e61f86e31f
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:1647		     bf5d9108900593b6c2a3df18e733168d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:1647		     7d7a9f9bf4b419ef8b08c30bb7ffc17f
 
x86_64:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     4069826a5ae32578fd243e52c064f28b
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     22349bec871f7a81e584b69f054481df
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     a28693f4202955e099e44d80168f9c49
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     922fca3563ab0fe24d0962c592542a65
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     b3ff8864b0771d432f31308486dd1ae1
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     129657ec6478a8d516793e8d1d443922
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     8e765b068701f34949853d309c680656
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     13ec3260ec54277c123966cedf7e65e5
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     9db410c8e3442cb9a90f24536f4a8855
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     07d4c3338805c7729fc648a49914a820
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     01431d232b7a15c41cb013746073564d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:1647		     61f53a4baa9e037ab82d8c0ddeb80c87
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:1647		     1421338342e6f707ea8154c587434b8a
 
RHEL Supplementary EUS (v. 5.2.z server)
IA-32:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     4069826a5ae32578fd243e52c064f28b
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     8ba8597f91adfc7a6486ea291d07fa6c
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     922fca3563ab0fe24d0962c592542a65
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     129657ec6478a8d516793e8d1d443922
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     13ec3260ec54277c123966cedf7e65e5
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     07d4c3338805c7729fc648a49914a820
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     01431d232b7a15c41cb013746073564d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     61f53a4baa9e037ab82d8c0ddeb80c87
 
PPC:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     6700e91baddc692926778bc1e5cb0fde
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0016		     4ad1cc0b31ee513dd8f833d4688fba26
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     1352e058b913fb18ffd8a75e36317eac
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     e4c3c7751804673b1ee999658724fa40
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0016		     3841eb717c487edeba3f26f5dd6a6ff2
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     8e961c9694b44126ac32776b7122e93c
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0016		     ed3ed44e93b59dd1114cb397d7916089
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     a4ab4e6866d65cc0d891c57311c8495d
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0016		     5fb19c904935d5b7124278a2f12467f4
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     8dbe81acdb629cb9d3c325c85a3eacff
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     c470b43ce712356a679cf00ae9464fa4
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.ppc.rpm
File outdated by:  RHSA-2009:0016		     af7781efb83e5503910b4199d4d7b78e
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0016		     73d12d16375dd6fb2ca2f7058fd4a821
 
s390x:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:0016		     05a07277f9f4c94d0af05f2d3146a485
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:0016		     adc073cfd786623afec0131d3ce6b5e1
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:0016		     d2b6ecaca6f4a027baa32870ba343742
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:0016		     dc6ab9b39d1d21ab224fe0a402e85ea1
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:0016		     a04b84dc213b79c0d4cff62473414266
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:0016		     6b3507060a2337b41a92fce56b8ad62c
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:0016		     8859ab10b8b1c63c305fc070e3eecd68
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:0016		     3c72915782ba87bfc2e9c2e61f86e31f
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.s390.rpm
File outdated by:  RHSA-2009:0016		     bf5d9108900593b6c2a3df18e733168d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.s390x.rpm
File outdated by:  RHSA-2009:0016		     7d7a9f9bf4b419ef8b08c30bb7ffc17f
 
x86_64:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     4069826a5ae32578fd243e52c064f28b
java-1.5.0-ibm-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0016		     22349bec871f7a81e584b69f054481df
java-1.5.0-ibm-accessibility-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0016		     a28693f4202955e099e44d80168f9c49
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     922fca3563ab0fe24d0962c592542a65
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0016		     b3ff8864b0771d432f31308486dd1ae1
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     129657ec6478a8d516793e8d1d443922
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0016		     8e765b068701f34949853d309c680656
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     13ec3260ec54277c123966cedf7e65e5
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0016		     9db410c8e3442cb9a90f24536f4a8855
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     07d4c3338805c7729fc648a49914a820
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     01431d232b7a15c41cb013746073564d
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2009:0016		     61f53a4baa9e037ab82d8c0ddeb80c87
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0016		     1421338342e6f707ea8154c587434b8a
 
Red Hat Enterprise Linux Extras (v. 4)
IA-32:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     44e3953af0e1cf6e9257c46ea1019453
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     44e3953af0e1cf6e9257c46ea1019453
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     44e3953af0e1cf6e9257c46ea1019453
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     44e3953af0e1cf6e9257c46ea1019453
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     e7fb0fb69ffd8a84d6914206512c2772
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     e7fb0fb69ffd8a84d6914206512c2772
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     e7fb0fb69ffd8a84d6914206512c2772
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     e7fb0fb69ffd8a84d6914206512c2772
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     6630d3c955b57b74ed8f72fd5c545a53
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     6630d3c955b57b74ed8f72fd5c545a53
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     6630d3c955b57b74ed8f72fd5c545a53
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     6630d3c955b57b74ed8f72fd5c545a53
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     3ff62d20aec05814dff5b97e1aad8c78
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     3ff62d20aec05814dff5b97e1aad8c78
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     3ff62d20aec05814dff5b97e1aad8c78
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     3ff62d20aec05814dff5b97e1aad8c78
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     87683a524a5d23a1b52125a912141b07
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     87683a524a5d23a1b52125a912141b07
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     87683a524a5d23a1b52125a912141b07
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     87683a524a5d23a1b52125a912141b07
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     75c2f02aa30471f5152b6df09f0789ee
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     75c2f02aa30471f5152b6df09f0789ee
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     75c2f02aa30471f5152b6df09f0789ee
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     75c2f02aa30471f5152b6df09f0789ee
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     9131db89f34a1820c42885fac0d25644
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     9131db89f34a1820c42885fac0d25644
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     9131db89f34a1820c42885fac0d25644
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2009:1647		     9131db89f34a1820c42885fac0d25644
 
PPC:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     e877f0f4be8992c9347f795fd8c10dfb
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     8543a50f9bef2b6bf4e34001dc633037
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     1d24db2c5e66d7ed2e7e173d49a1ea93
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     d8838c1cca60875490dd4405935716f0
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     06f51eefe6d889cea12d59075872264a
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     46c62dfbac4cd93d74031bb2fd2e5def
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2009:1647		     e18113da0263f9522b9f816d1b735b8d
 
s390:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2009:1647		     4225afb69c5a0e45fe4e0c3c56c4600b
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2009:1647		     601d8b8cb89290013c310ed211327d52
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2009:1647		     f0e83f89327522c99c174e1d3603717a
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2009:1647		     b8f896b6a83f72df2c377ccee18b86fc
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2009:1647		     a11940533903ace0f45bdf329d3f3235
 
s390x:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2009:1647		     4e2e589e3b71b316539bb793461cddcb
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2009:1647		     bc166c4c8395239c3c3b50e3478d7ee1
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2009:1647		     30aab8b015aa4f744b5b51808fcd612f
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2009:1647		     ae08669d77506d1c5193a62a61f2d0b4
 
x86_64:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2283c06e192d63dbe810dd96881fe716
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2283c06e192d63dbe810dd96881fe716
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2283c06e192d63dbe810dd96881fe716
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2283c06e192d63dbe810dd96881fe716
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     aff747c2200d9117bc583294e40b2022
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     aff747c2200d9117bc583294e40b2022
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     aff747c2200d9117bc583294e40b2022
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     aff747c2200d9117bc583294e40b2022
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     cde5d3e2531047395478458e47b47282
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     cde5d3e2531047395478458e47b47282
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     cde5d3e2531047395478458e47b47282
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     cde5d3e2531047395478458e47b47282
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2f1c95e6006d9793c2de91239d981dd3
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2f1c95e6006d9793c2de91239d981dd3
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2f1c95e6006d9793c2de91239d981dd3
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     2f1c95e6006d9793c2de91239d981dd3
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     a361772401d6fb1c0904f14bc059d68c
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     a361772401d6fb1c0904f14bc059d68c
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     a361772401d6fb1c0904f14bc059d68c
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2009:1647		     a361772401d6fb1c0904f14bc059d68c
 
Red Hat Enterprise Linux Extras (v. 4.6.z)
IA-32:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     44e3953af0e1cf6e9257c46ea1019453
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     44e3953af0e1cf6e9257c46ea1019453
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     e7fb0fb69ffd8a84d6914206512c2772
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     e7fb0fb69ffd8a84d6914206512c2772
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     6630d3c955b57b74ed8f72fd5c545a53
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     6630d3c955b57b74ed8f72fd5c545a53
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     3ff62d20aec05814dff5b97e1aad8c78
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     3ff62d20aec05814dff5b97e1aad8c78
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     87683a524a5d23a1b52125a912141b07
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     87683a524a5d23a1b52125a912141b07
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     75c2f02aa30471f5152b6df09f0789ee
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     75c2f02aa30471f5152b6df09f0789ee
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     9131db89f34a1820c42885fac0d25644
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.i386.rpm
File outdated by:  RHSA-2008:0891		     9131db89f34a1820c42885fac0d25644
 
PPC:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     e877f0f4be8992c9347f795fd8c10dfb
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     8543a50f9bef2b6bf4e34001dc633037
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     1d24db2c5e66d7ed2e7e173d49a1ea93
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     d8838c1cca60875490dd4405935716f0
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     06f51eefe6d889cea12d59075872264a
java-1.5.0-ibm-plugin-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     46c62dfbac4cd93d74031bb2fd2e5def
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.ppc.rpm
File outdated by:  RHSA-2008:0891		     e18113da0263f9522b9f816d1b735b8d
 
s390:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2008:0891		     4225afb69c5a0e45fe4e0c3c56c4600b
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2008:0891		     601d8b8cb89290013c310ed211327d52
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2008:0891		     f0e83f89327522c99c174e1d3603717a
java-1.5.0-ibm-jdbc-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2008:0891		     b8f896b6a83f72df2c377ccee18b86fc
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.s390.rpm
File outdated by:  RHSA-2008:0891		     a11940533903ace0f45bdf329d3f3235
 
s390x:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2008:0891		     4e2e589e3b71b316539bb793461cddcb
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2008:0891		     bc166c4c8395239c3c3b50e3478d7ee1
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2008:0891		     30aab8b015aa4f744b5b51808fcd612f
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.s390x.rpm
File outdated by:  RHSA-2008:0891		     ae08669d77506d1c5193a62a61f2d0b4
 
x86_64:
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     2283c06e192d63dbe810dd96881fe716
java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     2283c06e192d63dbe810dd96881fe716
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     aff747c2200d9117bc583294e40b2022
java-1.5.0-ibm-demo-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     aff747c2200d9117bc583294e40b2022
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     cde5d3e2531047395478458e47b47282
java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     cde5d3e2531047395478458e47b47282
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     2f1c95e6006d9793c2de91239d981dd3
java-1.5.0-ibm-javacomm-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     2f1c95e6006d9793c2de91239d981dd3
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     a361772401d6fb1c0904f14bc059d68c
java-1.5.0-ibm-src-1.5.0.8-1jpp.1.el4.x86_64.rpm
File outdated by:  RHSA-2008:0891		     a361772401d6fb1c0904f14bc059d68c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

452649 - CVE-2008-3105 CVE-2008-3106 OpenJDK JAX-WS unauthorized URL access (6542088)
454601 - CVE-2008-3104 Java RE allows Same Origin Policy to be Bypassed (6687932)
454604 - CVE-2008-3108 Security Vulnerability with JRE fonts processing may allow Elevation of Privileges (6450319)
454605 - CVE-2008-3111 Java Web Start Buffer overflow vulnerabilities (6557220)
454606 - CVE-2008-3112 Java Web Start, arbitrary file creation (6703909)
454607 - CVE-2008-3113 Java Web Start arbitrary file creation/deletion file with user permissions (6704077)
454608 - CVE-2008-3114 Java Web Start, untrusted application may determine Cache Location (6704074)


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3114
http://www.redhat.com/security/updates/classification/#critical

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/