Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2016:1039 - Security Advisory
Issued:
2016-05-11
Updated:
2016-05-11

RHSA-2016:1039 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Critical: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR3.

Security Fix(es):

  • This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386

Fixes

  • BZ - 1324044 - CVE-2016-0363 IBM JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix
  • BZ - 1327743 - CVE-2016-0686 OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
  • BZ - 1327749 - CVE-2016-0687 OpenJDK: insufficient byte type checks (Hotspot, 8132051)
  • BZ - 1328059 - CVE-2016-3426 OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)
  • BZ - 1328210 - CVE-2016-3427 OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)
  • BZ - 1328618 - CVE-2016-3443 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)
  • BZ - 1328619 - CVE-2016-3449 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)
  • BZ - 1328620 - CVE-2016-3422 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)
  • BZ - 1330986 - CVE-2016-0376 IBM JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix
  • BZ - 1331359 - CVE-2016-0264 IBM JDK: buffer overflow vulnerability in the IBM JVM

CVEs

  • CVE-2016-0264
  • CVE-2016-0363
  • CVE-2016-0376
  • CVE-2016-0686
  • CVE-2016-0687
  • CVE-2016-3422
  • CVE-2016-3426
  • CVE-2016-3427
  • CVE-2016-3443
  • CVE-2016-3449

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

Red Hat Enterprise Linux Workstation 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

Red Hat Enterprise Linux Desktop 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
s390x
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: e3042825c2785c6032bcec23a7637dc2f03ff7a21f0b5e6f3303d6ce1f2a7319
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: c678fde117d6b49c35e259bede127835c882c82399b2b8ca1eb065a5c872a6ee
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: 35cb633856154968f34c70f996f48b801e0fc26db405d6ba70c3d3515fe108a0
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: 3b9758752109bc952377031bc9c0882e75f83e45a16845fc0b8c3b795d2415a9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.s390x.rpm SHA-256: 13f69db9d667debad4cfa1155d601af0899c154cf9cd193b210568b7b667062b

Red Hat Enterprise Linux for Power, big endian 6

SRPM
ppc64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 83ab4d059d7995450ca55b45a27d72a2cc32a5f74daddbe61567d47d41969f56
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 01afaaae761dce50086e2292050b1ef389bccfa61329e368d1a6b98895c98a3a
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 373986981b5c0179759c44c809ed8205ee8166f0ba4e6f88ddbad5472f40ea1b
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: fc055c25861538cb413ca21774a733d3e4a0347ef029af41b01ead6ea869fa83
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.ppc64.rpm SHA-256: 34b5ddf4ee34eb682274860201ff28de95926e0bd0239a5c1abc0a7b6c67b940

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f

Red Hat Enterprise Linux Server from RHUI 6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 08ed84342e0f82bffaa8daaa6dffef9b12fa8b7538e778733b2e19a50c7f4858
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: d447cd11dee2f81f5ca80e7a641d0e31f73c28cfe4e098b5712d399502f71592
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 2ccfd210d79f831e1c0629fe86f891c6a1f6d0b2fd36e5289118956204902dbb
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 3859afee573cb28cc1ad103a505a3f0299f2aa42a7a6113e12f35ccef2e7c1b9
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: e82dc41c1851225bd06c4a05b5e498824f8a5c6968ed10a712361922a1469eb9
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.x86_64.rpm SHA-256: 74829830f15692bd38c1b7f24d6be7d55cb10795f9ff2d5bf97e3aefefa7e22f
i386
java-1.8.0-ibm-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1d4c7cb2623c2c1872a25f6e2b41f6f68e9f48701037bda7ace70c899a13274b
java-1.8.0-ibm-demo-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 2d08de5b7c482b5cfd942ca7843c3e8e05769cfecab6ec3bcd04e28e6fbed63b
java-1.8.0-ibm-devel-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 027c63ae52d1019094544879c0f06a6fc0be77db7819c5563476015807db8760
java-1.8.0-ibm-jdbc-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 76074fdaeb86f3c3512c7677e7d9fd1a45ddc076bb6f84631621da39a2cb0e53
java-1.8.0-ibm-plugin-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: b3b05fbaacd49cd377e9684ead8764e1c2bfa9083d201ead70099e4556fc0073
java-1.8.0-ibm-src-1.8.0.3.0-1jpp.1.el6.i686.rpm SHA-256: 1fcdaea4866716910127d728b228ff7c28a4822c137fdf037904bbc89a1f2b62

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Twitter Facebook