Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2016:1039 - Security Advisory
Issued:
2016-05-11
Updated:
2016-05-11

RHSA-2016:1039 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Critical: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR3.

Security Fix(es):

  • This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386

Fixes

  • BZ - 1324044 - CVE-2016-0363 IBM JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix
  • BZ - 1327743 - CVE-2016-0686 OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
  • BZ - 1327749 - CVE-2016-0687 OpenJDK: insufficient byte type checks (Hotspot, 8132051)
  • BZ - 1328059 - CVE-2016-3426 OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)
  • BZ - 1328210 - CVE-2016-3427 OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)
  • BZ - 1328618 - CVE-2016-3443 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)
  • BZ - 1328619 - CVE-2016-3449 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)
  • BZ - 1328620 - CVE-2016-3422 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)
  • BZ - 1330986 - CVE-2016-0376 IBM JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix
  • BZ - 1331359 - CVE-2016-0264 IBM JDK: buffer overflow vulnerability in the IBM JVM

CVEs

  • CVE-2016-0264
  • CVE-2016-0363
  • CVE-2016-0376
  • CVE-2016-0686
  • CVE-2016-0687
  • CVE-2016-3422
  • CVE-2016-3426
  • CVE-2016-3427
  • CVE-2016-3443
  • CVE-2016-3449

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

Red Hat Enterprise Linux Workstation 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

Red Hat Enterprise Linux Desktop 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
s390x
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: e3042825c2785c6032bcec23a7637dc2f03ff7a21f0b5e6f3303d6ce1f2a7319
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: c678fde117d6b49c35e259bede127835c882c82399b2b8ca1eb065a5c872a6ee
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: 35cb633856154968f34c70f996f48b801e0fc26db405d6ba70c3d3515fe108a0
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: 3b9758752109bc952377031bc9c0882e75f83e45a16845fc0b8c3b795d2415a9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: 13f69db9d667debad4cfa1155d601af0899c154cf9cd193b210568b7b667062b

Red Hat Enterprise Linux for Power, big endian 6

SRPM
ppc64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 83ab4d059d7995450ca55b45a27d72a2cc32a5f74daddbe61567d47d41969f56
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 01afaaae761dce50086e2292050b1ef389bccfa61329e368d1a6b98895c98a3a
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 373986981b5c0179759c44c809ed8205ee8166f0ba4e6f88ddbad5472f40ea1b
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: fc055c25861538cb413ca21774a733d3e4a0347ef029af41b01ead6ea869fa83
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 34b5ddf4ee34eb682274860201ff28de95926e0bd0239a5c1abc0a7b6c67b940

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f

Red Hat Enterprise Linux Server from RHUI 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility