Skip to navigation

Security Advisory Critical: java-1.4.2-ibm security update

Advisory: RHSA-2012:1243-1
Type: Security Advisory
Severity: Critical
Issued on: 2012-09-07
Last updated on: 2012-09-07
Affected Products: RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)
CVEs (cve.mitre.org): CVE-2012-1713
CVE-2012-1717
CVE-2012-1718
CVE-2012-1719

Details

Updated java-1.4.2-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the
IBM Java Software Development Kit.

This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts page,
listed in the References section. (CVE-2012-1713, CVE-2012-1717,
CVE-2012-1718, CVE-2012-1719)

All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain the IBM J2SE 1.4.2 SR13-FP13 release. All running
instances of IBM Java must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Desktop Supplementary (v. 5 client)

IA-32:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5cb4c3f414b58a54151a6c2916f34dd6
SHA-256: 0ed41db88dd0451fe5182e833a43f15fbf0375338e063eaca537e2da47f9ac1b
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c032947b4d2b13ee1174de9fe9965fb0
SHA-256: 1ea71963ef7937853fa3a21dfcb7cb03084ce1bde527c39aebcbf44cc7ad3e95
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0e0c353028e34a098142b78abbc8b3ad
SHA-256: a27858b77434798fb2ed68af36af5e3d70ebd1e068fd9f76ba9da3ea3a7bbbee
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: f66ef50ad99b99ff320c5b479953360d
SHA-256: f7c86d454d81b0116945eefd652beae2642ac305ed240ffcc54ee07fa40df3df
java-1.4.2-ibm-jdbc-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 9877a1726247a6a8e4a8d45d35eb10b3
SHA-256: 90678bee5d8ac2f3f8b72c7e49fdee0d096b9c4dfa2f7008b16b00108f1194b1
java-1.4.2-ibm-plugin-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8a7ba99253c6212846c0dcafa9b623e2
SHA-256: 059c935dfbdf4fde59e68b43d178f54490f68824ab7340e363e0dc763113d77b
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8f3e3c1047831cd3577bdfa302a73bf5
SHA-256: a2213a868b638ae8f8d71c0ea6bc8f2994dc31fdb8aa53fdd69ffd751e16c37b
 
x86_64:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5cb4c3f414b58a54151a6c2916f34dd6
SHA-256: 0ed41db88dd0451fe5182e833a43f15fbf0375338e063eaca537e2da47f9ac1b
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5119261edae4fe7bf97c7c6ea3368b47
SHA-256: 169fb369a2348350c5cf95e2dcfe731d0e56ec8ff3bb70a9781154b822d5a3b3
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c032947b4d2b13ee1174de9fe9965fb0
SHA-256: 1ea71963ef7937853fa3a21dfcb7cb03084ce1bde527c39aebcbf44cc7ad3e95
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8f73196c258e2fc2ed4d980ea1fe81f5
SHA-256: c571cf58a631b0ff18ff947ad5825f98356257ee5131879a61ce27baa754fd38
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0e0c353028e34a098142b78abbc8b3ad
SHA-256: a27858b77434798fb2ed68af36af5e3d70ebd1e068fd9f76ba9da3ea3a7bbbee
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: e6b17ed05674d240804cbe183acec772
SHA-256: 519b58f75a362b96bb980332ae08523f73f0a69c5c88e650178f6c4bbdaa5066
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: f66ef50ad99b99ff320c5b479953360d
SHA-256: f7c86d454d81b0116945eefd652beae2642ac305ed240ffcc54ee07fa40df3df
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: fcea24437a5577e3808bb93aec902fe0
SHA-256: d1ec1c530fa2b3556f8f14dc6d8fd927ca1eca3111662e8294bf8edfd0b6a3b1
java-1.4.2-ibm-jdbc-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 9877a1726247a6a8e4a8d45d35eb10b3
SHA-256: 90678bee5d8ac2f3f8b72c7e49fdee0d096b9c4dfa2f7008b16b00108f1194b1
java-1.4.2-ibm-plugin-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8a7ba99253c6212846c0dcafa9b623e2
SHA-256: 059c935dfbdf4fde59e68b43d178f54490f68824ab7340e363e0dc763113d77b
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8f3e3c1047831cd3577bdfa302a73bf5
SHA-256: a2213a868b638ae8f8d71c0ea6bc8f2994dc31fdb8aa53fdd69ffd751e16c37b
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 470acca2aed2cef4a69796d5202e30f2
SHA-256: 1d3ad3614693afc6856ea17e9a4b0f8dbb65e57dac5dd23e4b7b711060a12884
 
RHEL Supplementary (v. 5 server)

IA-32:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5cb4c3f414b58a54151a6c2916f34dd6
SHA-256: 0ed41db88dd0451fe5182e833a43f15fbf0375338e063eaca537e2da47f9ac1b
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c032947b4d2b13ee1174de9fe9965fb0
SHA-256: 1ea71963ef7937853fa3a21dfcb7cb03084ce1bde527c39aebcbf44cc7ad3e95
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0e0c353028e34a098142b78abbc8b3ad
SHA-256: a27858b77434798fb2ed68af36af5e3d70ebd1e068fd9f76ba9da3ea3a7bbbee
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: f66ef50ad99b99ff320c5b479953360d
SHA-256: f7c86d454d81b0116945eefd652beae2642ac305ed240ffcc54ee07fa40df3df
java-1.4.2-ibm-jdbc-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 9877a1726247a6a8e4a8d45d35eb10b3
SHA-256: 90678bee5d8ac2f3f8b72c7e49fdee0d096b9c4dfa2f7008b16b00108f1194b1
java-1.4.2-ibm-plugin-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8a7ba99253c6212846c0dcafa9b623e2
SHA-256: 059c935dfbdf4fde59e68b43d178f54490f68824ab7340e363e0dc763113d77b
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8f3e3c1047831cd3577bdfa302a73bf5
SHA-256: a2213a868b638ae8f8d71c0ea6bc8f2994dc31fdb8aa53fdd69ffd751e16c37b
 
IA-64:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: c399e39343d1169e8b6095dd16096da9
SHA-256: 3518f0b9d379f238019fa86d1fb723b82ec6470b75bc1cfbdae505d3d2d75e85
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: deb3aa22e2b736f36d13d71254069837
SHA-256: 1bfd650c75409c0e7cc0ec206551633ef4e7eed6c30097e856034a710fd459a2
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0fba0c3488000def89e675d35adf4e15
SHA-256: 2af45548f769d6ed8947edd3ea3cdd7dfd008a43c52f19a3fd9d4219d658e077
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: e006ce616923b5f76b7d41dd0835d687
SHA-256: f0cff30cbf5729dd9d6e4b24a83c4222866636d5e600661b1a16fd897975f4fe
 
PPC:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0a406744a2c4be15bfcf1c485633d579
SHA-256: 645897ee4295bfb3dbc1ec70f7fe6db5a381637d3bf1eaa0821e14f687c2f6db
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: bea5a9bc164c2b6e2f8c05ed02cd1cd4
SHA-256: e68255077aaf0ee44e579440f5314e357a91316c35ee5d2360aeb3d2b1c2f92c
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: cba41ec72ea5eb32af3fffd0aac6d751
SHA-256: e86249f794118713b58516ac97700b6856d51704ac91e4a68f76bdb78c174749
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 15e4fc1665fea1f63a8ae2a8f62e0a95
SHA-256: 1405dac5e47b73784536dde3fe520ec14ff4d51f32c7925829e457c79fc8a7d4
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 90b1dc238e899b04f758e09239d8d17c
SHA-256: 62c9f482862846311c43bbdb9b510c53b5eac8238f0f5af58bf259f8a76cd453
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8db5325d4aa880eedaa4d0c487a0b41f
SHA-256: bbe30ba3b8cd53cfd11d2f8254e567504d9f9edfc4c4061d7045611b712012fc
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 873277c3776016301c89c7969cf8fad5
SHA-256: 7d5f809bbc98224b4d3e115f7c319ebdc7a8c601f434eb40af360497db2f68e1
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: c7d1e48069cccd792d5f8a86c43504af
SHA-256: 2d3b38ea335991f5b8e870c03605c0d627e048424e7516dab904eaa6e5d79bba
java-1.4.2-ibm-jdbc-1.4.2.13.13-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: cc9a2b5c235b14ddb8274845e78000e8
SHA-256: 251649175559299cc10ca4b4fc89728084e224f4d23f3776db61c244aa7c434e
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 37d14632e74ad67e465ebb1e3e94bd44
SHA-256: 5c58dad40b0a1253355d6945839318b7e3cc8a22aa4e83e9b32b2f2f1b246d88
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 319c9b4e9b617a67378c5b97ef7b099d
SHA-256: cd2a01213a9bb386260894f99bfd1d339401d31486ee93ceeb37d20dbaed54bf
 
s390x:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: d3094663cddc2faf47926b43706dbd08
SHA-256: 9e3c76ae2d9c83e4061c300355e31cc1551de9ff485412fec4dc8ee50bae554e
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: ec16742ae328cf5bbbe8e5ab8f6b93b4
SHA-256: 203fd471e80eb24c85c851efd81a559a9eba300dab757e64ae1287ff52110d1e
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: a1c6b82bb1ecb5783bc19e5dfccbdb5a
SHA-256: db6a4123931b77ba3fcd0da2eb352f7b1f8359b352ca09f346b522500b5607c2
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: 2fa0fb83911cd5a53c6927a28c2abd83
SHA-256: 3e27a0c3e662fcc30160be20c920b2a68a9602abc7a38a0869c0647d70a11c30
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: 18455bc72522fc9758f092ca25f3667c
SHA-256: de28e223440cd6850a5f018ff99ca3b83b0e43b1b03bf187f1da2024fadfcdeb
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: 54fd1b157924992e339883ce8cef1ab4
SHA-256: 4916ea3155aa75e4dca11d3097f5c9fa990ace7e848c0a59298f90010afa9dc9
java-1.4.2-ibm-jdbc-1.4.2.13.13-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: 9ea3a462a29023b53b8e41f5823264c1
SHA-256: e86f81f71287d4ae58acc75706660a2feb5c74c023bf63253fb034362eaf3d33
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: a3b32219ce206ef568ac6560ae5d814e
SHA-256: 28349ac8f369e96cdefbe766fbe97d92a5c2837ff9a3e49875d454597cbeb20e
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: dc782c693b0c8b7b6c1b5a7e80b96fbd
SHA-256: 41ab7036925115b16bfc130a479915e4387c42d1cc6d2300410f73a2b4302cc1
 
x86_64:
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5cb4c3f414b58a54151a6c2916f34dd6
SHA-256: 0ed41db88dd0451fe5182e833a43f15fbf0375338e063eaca537e2da47f9ac1b
java-1.4.2-ibm-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5119261edae4fe7bf97c7c6ea3368b47
SHA-256: 169fb369a2348350c5cf95e2dcfe731d0e56ec8ff3bb70a9781154b822d5a3b3
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c032947b4d2b13ee1174de9fe9965fb0
SHA-256: 1ea71963ef7937853fa3a21dfcb7cb03084ce1bde527c39aebcbf44cc7ad3e95
java-1.4.2-ibm-demo-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8f73196c258e2fc2ed4d980ea1fe81f5
SHA-256: c571cf58a631b0ff18ff947ad5825f98356257ee5131879a61ce27baa754fd38
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0e0c353028e34a098142b78abbc8b3ad
SHA-256: a27858b77434798fb2ed68af36af5e3d70ebd1e068fd9f76ba9da3ea3a7bbbee
java-1.4.2-ibm-devel-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: e6b17ed05674d240804cbe183acec772
SHA-256: 519b58f75a362b96bb980332ae08523f73f0a69c5c88e650178f6c4bbdaa5066
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: f66ef50ad99b99ff320c5b479953360d
SHA-256: f7c86d454d81b0116945eefd652beae2642ac305ed240ffcc54ee07fa40df3df
java-1.4.2-ibm-javacomm-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: fcea24437a5577e3808bb93aec902fe0
SHA-256: d1ec1c530fa2b3556f8f14dc6d8fd927ca1eca3111662e8294bf8edfd0b6a3b1
java-1.4.2-ibm-jdbc-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 9877a1726247a6a8e4a8d45d35eb10b3
SHA-256: 90678bee5d8ac2f3f8b72c7e49fdee0d096b9c4dfa2f7008b16b00108f1194b1
java-1.4.2-ibm-plugin-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8a7ba99253c6212846c0dcafa9b623e2
SHA-256: 059c935dfbdf4fde59e68b43d178f54490f68824ab7340e363e0dc763113d77b
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 8f3e3c1047831cd3577bdfa302a73bf5
SHA-256: a2213a868b638ae8f8d71c0ea6bc8f2994dc31fdb8aa53fdd69ffd751e16c37b
java-1.4.2-ibm-src-1.4.2.13.13-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 470acca2aed2cef4a69796d5202e30f2
SHA-256: 1d3ad3614693afc6856ea17e9a4b0f8dbb65e57dac5dd23e4b7b711060a12884
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606)
829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)
829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)
829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/