Vulnerability & Exploit Database

Back to search

RHSA-2015:1485: java-1.7.1-ibm security update

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) July 15, 2015 July 22, 2015 October 29, 2017

Description

IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environmentand the IBM Java Software Development Kit.This update fixes several vulnerabilities in the IBM Java RuntimeEnvironment and the IBM Java Software Development Kit. Further informationabout these flaws can be found on the IBM Java Security alerts page, listedin the References section. (CVE-2015-1931, CVE-2015-2590, CVE-2015-2601,CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2632,CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-4000, CVE-2015-4729,CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748,CVE-2015-4749, CVE-2015-4760)Note: This update forces the TLS/SSL client implementation in IBM JDK toreject DH key sizes below 768 bits to address the CVE-2015-4000 issue.Refer to Red Hat Bugzilla bug 1223211, linked to in the References section,for additional details about this change.All users of java-1.7.1-ibm are advised to upgrade to these updatedpackages, containing the IBM Java SE 7R1 SR3-FP10 release. All runninginstances of IBM Java must be restarted for the update to take effect.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

redhat-upgrade-java-1-7-1-ibm

Related Vulnerabilities