Skip to navigation

Security Advisory Critical: java-1.4.2-ibm security update

Advisory: RHSA-2012:0702-1
Type: Security Advisory
Severity: Critical
Issued on: 2012-05-30
Last updated on: 2012-05-30
Affected Products: RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)
CVEs (cve.mitre.org): CVE-2011-3563
CVE-2012-0499
CVE-2012-0502
CVE-2012-0503
CVE-2012-0505
CVE-2012-0506

Details

Updated java-1.4.2-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The IBM Java SE version 1.4.2 release includes the IBM Java 1.4.2 Runtime
Environment and the IBM Java 1.4.2 Software Development Kit.

This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime
Environment and the IBM Java 1.4.2 Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM "Security alerts" page,
listed in the References section. (CVE-2011-3563, CVE-2012-0499,
CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506)

All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain the IBM Java 1.4.2 SR13-FP12 release. All running
instances of IBM Java must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Desktop Supplementary (v. 5 client)

IA-32:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 344fa12a676205c4953d91e0571d6734
SHA-256: ade223df2d8d7b70515ab6a2c1aad1077ea4345296147e1f19430681813d0317
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 4d939f81a58a1ecf2ffa09b8b9d8b40a
SHA-256: a888f378f4a494974c9b3e712d6b4b8813d3d3fc1af379f63886b855dbb427bb
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: abaa33e663569ab2acf5ede754ba3443
SHA-256: 6d96e9dda3f9880f7612de27260f6a789900394c6c74319147701ba2bd2e4bdb
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: aabb629e6970878d79897a07f0bfad0a
SHA-256: b152503531b4e65e0624d3bdb16f11fe4de9eef03777dd2fe643a880a4709776
java-1.4.2-ibm-jdbc-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 3e191de72898bc2fcda26bc7b2df85e2
SHA-256: 3535b7ef2df5f066fab9deaddf4b24387b9b06f42e3f729c5b36a9f3da64bfd4
java-1.4.2-ibm-plugin-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: d54338b908197cb09357bc36ad895869
SHA-256: 2ea691bdd751ef1ed91744ab24f9134145729d2770e15c9c22f648d44a1e0ef5
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c9c967567cb344979d61eb180e2df578
SHA-256: c152bdeda8ad043c7ba311e3dc853f59cbb6533e9eb93c1c0e30512106ed56e6
 
x86_64:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 344fa12a676205c4953d91e0571d6734
SHA-256: ade223df2d8d7b70515ab6a2c1aad1077ea4345296147e1f19430681813d0317
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 22f58d3aa6518a0751d758c4a8b6112b
SHA-256: a6c5ddf8a07cafbc3662278add514ddb8d89d0bc0e0836349d8154d79b34aef1
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 4d939f81a58a1ecf2ffa09b8b9d8b40a
SHA-256: a888f378f4a494974c9b3e712d6b4b8813d3d3fc1af379f63886b855dbb427bb
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 1fc80b65e9bb79a8759851adccc2ee54
SHA-256: 030c6d704c3e8535056c8d6c43c8f98d3a18d34d4d5b9845e1bf47f829041bef
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: abaa33e663569ab2acf5ede754ba3443
SHA-256: 6d96e9dda3f9880f7612de27260f6a789900394c6c74319147701ba2bd2e4bdb
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: d32d213b5628c28708c66ac678e0e30f
SHA-256: 42fa8480d17d87eea5fc6571b25cc2ebbb1f30ef417d06dd624a3d6b9c2d911d
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: aabb629e6970878d79897a07f0bfad0a
SHA-256: b152503531b4e65e0624d3bdb16f11fe4de9eef03777dd2fe643a880a4709776
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: aed5b63051c822c9edb574749cfbdd09
SHA-256: 20f5dee21cbaedcb489551e40355e5af4a8d9bfdcf883fafe4cd400713277a20
java-1.4.2-ibm-jdbc-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 3e191de72898bc2fcda26bc7b2df85e2
SHA-256: 3535b7ef2df5f066fab9deaddf4b24387b9b06f42e3f729c5b36a9f3da64bfd4
java-1.4.2-ibm-plugin-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: d54338b908197cb09357bc36ad895869
SHA-256: 2ea691bdd751ef1ed91744ab24f9134145729d2770e15c9c22f648d44a1e0ef5
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c9c967567cb344979d61eb180e2df578
SHA-256: c152bdeda8ad043c7ba311e3dc853f59cbb6533e9eb93c1c0e30512106ed56e6
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 195db7d060582836805b154b154e7341
SHA-256: cfa780c071c232c8de23596f514155eee9f369996b1fbd851b72bee9ac870b2d
 
RHEL Supplementary (v. 5 server)

IA-32:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 344fa12a676205c4953d91e0571d6734
SHA-256: ade223df2d8d7b70515ab6a2c1aad1077ea4345296147e1f19430681813d0317
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 4d939f81a58a1ecf2ffa09b8b9d8b40a
SHA-256: a888f378f4a494974c9b3e712d6b4b8813d3d3fc1af379f63886b855dbb427bb
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: abaa33e663569ab2acf5ede754ba3443
SHA-256: 6d96e9dda3f9880f7612de27260f6a789900394c6c74319147701ba2bd2e4bdb
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: aabb629e6970878d79897a07f0bfad0a
SHA-256: b152503531b4e65e0624d3bdb16f11fe4de9eef03777dd2fe643a880a4709776
java-1.4.2-ibm-jdbc-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 3e191de72898bc2fcda26bc7b2df85e2
SHA-256: 3535b7ef2df5f066fab9deaddf4b24387b9b06f42e3f729c5b36a9f3da64bfd4
java-1.4.2-ibm-plugin-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: d54338b908197cb09357bc36ad895869
SHA-256: 2ea691bdd751ef1ed91744ab24f9134145729d2770e15c9c22f648d44a1e0ef5
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c9c967567cb344979d61eb180e2df578
SHA-256: c152bdeda8ad043c7ba311e3dc853f59cbb6533e9eb93c1c0e30512106ed56e6
 
IA-64:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 7a194acbfe0ef4ca8a5e2cb33ae1af32
SHA-256: 85366f2cd4a46169e4b26b989f31f1f4bb75d256ba9348f8f76a76cfd5b3d856
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 226373060f8918cc15b9ae16c7bcabf7
SHA-256: 2943581ef91eb5dc807031f819e04f458741f513cf43d055b13e088825993c62
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 1ae71e189ef9e48bd15393f6eab21a5a
SHA-256: 6cb7afb4e8ce429a877e5289f7fee68f246af5b1327e32165b1e9e63a698b583
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.ia64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5e2a18e0e75ef779976fe4a749fb44e7
SHA-256: b8e31a42db4e87923643cb053f3b7a6148bd141e5f3b9d10a36636d1cf3f0c8f
 
PPC:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: a6d7f17c15e6ca66796dad637a7887cb
SHA-256: 60589465be615dd6ac4ef7e30f677d542fd181f20e7f7b8b62fa92c82b8847b1
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: e3b15584800eeb4ed4e6da0a15a4450b
SHA-256: 97e987c67865b6f0abec9e661eb73eec1a29feea06d9666e23bb5cc4e5c67c96
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 9c118f6ec8744f9a45c2063cb39471c0
SHA-256: 868fd6412afc0ffac2513be6bf33330f83ef413d52b181233a491f86291357ff
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: a69769d8a228776e71d19352c69d86ae
SHA-256: 920cbe8118587e7a4c453cded81a6097a811b1134816a9cce51f0222f782f008
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: dd2fa8a27d842d899c79def680139373
SHA-256: 731e3a5d16d6eec33e123fc5bfbb6e6f49ccbf7c1343444fb236450e9adcf6e4
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 94209b0177ca46acea1e47ecf63d2e07
SHA-256: 3512f3bac7beff9f0cb61666081a383c7267e25f33d3d5f239b16d10f88fa188
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 5cdcebcaa31f34056630e160d4012359
SHA-256: ffdf3258d585291a62504bc4819491f4469235b8490821d382ad820b170cb5c5
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: d9b005fc4c935bf9e57ec422afe11aa8
SHA-256: e6cc69a3bee060daf03c18e6e484fefa9ed34e5f5398bec9049894d674ccc723
java-1.4.2-ibm-jdbc-1.4.2.13.12-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0b98d2190c3f190b78e7de25272abc83
SHA-256: f1c43b5d86f0ad95fd47d68fc21dc6d6fcc1baa9900b5da0a1a12ae1ae59dcf6
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.ppc.rpm
File outdated by:  RHSA-2012:1485
    MD5: 0fe26fca7475fe80ed36c88ab4acaf77
SHA-256: 5add8611c477ee97cce7d3e76ca7f3fa7cb876f4960bc55d634d217284e2d534
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.ppc64.rpm
File outdated by:  RHSA-2012:1485
    MD5: da7239ac137fa9cbf453ae6c41a11e46
SHA-256: 787295e267d15dab35d0627371e0b2808f6df4728d100967bd8afc97d369ec0b
 
s390x:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: 68abdec59fd3091dcda42db1ad9c19da
SHA-256: d8d0cacb9880053addf0c3f979c43c75c501e2cf1ea7ee4ad0d72428e8abacb6
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: 2b895548b0684c6b10b4c2dc2113b222
SHA-256: 6d39f7a7e42277ceab65845b3628397b725f9212bb43b8e1ccb0e73c52df471f
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: 58c9d3685f8595582a00244d48ce0297
SHA-256: 83f3d15bf7a36c1dd07f19d6a259912c9124086fff0355f7492b6c1ad89b0f6b
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: 35dd21b0f8a50270f1e41a046a75dda7
SHA-256: 62e2fa84afb0dbd54f605db216c767b758fcc939c3bcc2347fa55146515d434d
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: ca36bdbcffcabdf7536e6538b66985c1
SHA-256: 52566c6db59ca5ffa14013f6375bc5bb797736f1a25168057812603455cd942b
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: 2e5a49fe7b9260f83823184cdefe4c26
SHA-256: 5053eb0e843ccc8605e3937e7db42156e40d15fdbb30d919e2cf93e4c2d75379
java-1.4.2-ibm-jdbc-1.4.2.13.12-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: caf9529576c02878be816219236287ce
SHA-256: 18f173a9654efae68a7c5548fe34fc19db646965f9126ab1e7ada6908d894a20
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.s390.rpm
File outdated by:  RHSA-2012:1485
    MD5: 745e11ca718b1bc8be998acafbdfc796
SHA-256: 544b0f445c4008860dfcda8dc5320a917b851d088ecc47cba57860a7dcf32285
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.s390x.rpm
File outdated by:  RHSA-2012:1485
    MD5: 6d01bb4f679550b26e559cfdc0835f92
SHA-256: a25c393bb29043eb732efb5b138ad435689cd16b348810a7e8e86aa6b9ff59bf
 
x86_64:
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 344fa12a676205c4953d91e0571d6734
SHA-256: ade223df2d8d7b70515ab6a2c1aad1077ea4345296147e1f19430681813d0317
java-1.4.2-ibm-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 22f58d3aa6518a0751d758c4a8b6112b
SHA-256: a6c5ddf8a07cafbc3662278add514ddb8d89d0bc0e0836349d8154d79b34aef1
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 4d939f81a58a1ecf2ffa09b8b9d8b40a
SHA-256: a888f378f4a494974c9b3e712d6b4b8813d3d3fc1af379f63886b855dbb427bb
java-1.4.2-ibm-demo-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 1fc80b65e9bb79a8759851adccc2ee54
SHA-256: 030c6d704c3e8535056c8d6c43c8f98d3a18d34d4d5b9845e1bf47f829041bef
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: abaa33e663569ab2acf5ede754ba3443
SHA-256: 6d96e9dda3f9880f7612de27260f6a789900394c6c74319147701ba2bd2e4bdb
java-1.4.2-ibm-devel-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: d32d213b5628c28708c66ac678e0e30f
SHA-256: 42fa8480d17d87eea5fc6571b25cc2ebbb1f30ef417d06dd624a3d6b9c2d911d
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: aabb629e6970878d79897a07f0bfad0a
SHA-256: b152503531b4e65e0624d3bdb16f11fe4de9eef03777dd2fe643a880a4709776
java-1.4.2-ibm-javacomm-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: aed5b63051c822c9edb574749cfbdd09
SHA-256: 20f5dee21cbaedcb489551e40355e5af4a8d9bfdcf883fafe4cd400713277a20
java-1.4.2-ibm-jdbc-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: 3e191de72898bc2fcda26bc7b2df85e2
SHA-256: 3535b7ef2df5f066fab9deaddf4b24387b9b06f42e3f729c5b36a9f3da64bfd4
java-1.4.2-ibm-plugin-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: d54338b908197cb09357bc36ad895869
SHA-256: 2ea691bdd751ef1ed91744ab24f9134145729d2770e15c9c22f648d44a1e0ef5
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.i386.rpm
File outdated by:  RHSA-2012:1485
    MD5: c9c967567cb344979d61eb180e2df578
SHA-256: c152bdeda8ad043c7ba311e3dc853f59cbb6533e9eb93c1c0e30512106ed56e6
java-1.4.2-ibm-src-1.4.2.13.12-1jpp.1.el5_8.x86_64.rpm
File outdated by:  RHSA-2012:1485
    MD5: 195db7d060582836805b154b154e7341
SHA-256: cfa780c071c232c8de23596f514155eee9f369996b1fbd851b72bee9ac870b2d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687)
789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)
789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683)
789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)
789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704)
790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/