Red Hat Product Errata RHSA-2017:3264 - Security Advisory

Issued:: 2017-11-27
Updated:: 2017-11-27

RHSA-2017:3264 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR5-FP5.

Security Fix(es):

This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le

Fixes

BZ - 1367357 - CVE-2016-10165 lcms2: Out-of-bounds read in Type_MLU_Read()
BZ - 1501868 - CVE-2017-10285 OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)
BZ - 1501873 - CVE-2017-10346 OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)
BZ - 1502038 - CVE-2017-10388 OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)
BZ - 1502611 - CVE-2017-10349 OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)
BZ - 1502614 - CVE-2017-10357 OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)
BZ - 1502629 - CVE-2017-10348 OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)
BZ - 1502632 - CVE-2017-10347 OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)
BZ - 1502640 - CVE-2017-10350 OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)
BZ - 1502649 - CVE-2017-10281 OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)
BZ - 1502687 - CVE-2017-10295 OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)
BZ - 1502858 - CVE-2017-10345 OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)
BZ - 1502869 - CVE-2017-10355 OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)
BZ - 1503169 - CVE-2017-10356 OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)
BZ - 1503319 - CVE-2017-10309 Oracle JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 00b264d633894307fee2d1ec077a291e8fd9f5f378418492164f6bfa06183981
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 28434defb064086234832c7339404fce3ef7029312b9f3b79a703650650289f3
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 5248f0635d88235141ff53696801265b4125537c703e7dfe21a1255eaf85a10d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 3202fb49bbb12d3848110083cbd455d7b68f66cc28acadbe846ed586e0c8fa8d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 272cc4c603d67b5baeaa1db91224a0fbff749c4858ff6b3d11958a28134700b2
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 815e64f18e55d91af6ab0fa86638da4e17d517cc1c45b4bec37bece98b6618a4
java-1.8.0-ibm-plugin-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: ece0d94f4d9b7692b0cbd06e1f8119b5b00ba212c34f5315ebc96a7ae887c1d5
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 9e8f0ceac8a68b00c036042a196c5805f3711964479e0575ce072a2ec7e315ed

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5

SRPM
x86_64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 00b264d633894307fee2d1ec077a291e8fd9f5f378418492164f6bfa06183981
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 28434defb064086234832c7339404fce3ef7029312b9f3b79a703650650289f3
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 5248f0635d88235141ff53696801265b4125537c703e7dfe21a1255eaf85a10d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 3202fb49bbb12d3848110083cbd455d7b68f66cc28acadbe846ed586e0c8fa8d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 272cc4c603d67b5baeaa1db91224a0fbff749c4858ff6b3d11958a28134700b2
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 815e64f18e55d91af6ab0fa86638da4e17d517cc1c45b4bec37bece98b6618a4
java-1.8.0-ibm-plugin-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: ece0d94f4d9b7692b0cbd06e1f8119b5b00ba212c34f5315ebc96a7ae887c1d5
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 9e8f0ceac8a68b00c036042a196c5805f3711964479e0575ce072a2ec7e315ed

Red Hat Enterprise Linux Workstation 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 00b264d633894307fee2d1ec077a291e8fd9f5f378418492164f6bfa06183981
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 28434defb064086234832c7339404fce3ef7029312b9f3b79a703650650289f3
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 5248f0635d88235141ff53696801265b4125537c703e7dfe21a1255eaf85a10d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 3202fb49bbb12d3848110083cbd455d7b68f66cc28acadbe846ed586e0c8fa8d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 272cc4c603d67b5baeaa1db91224a0fbff749c4858ff6b3d11958a28134700b2
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 815e64f18e55d91af6ab0fa86638da4e17d517cc1c45b4bec37bece98b6618a4
java-1.8.0-ibm-plugin-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: ece0d94f4d9b7692b0cbd06e1f8119b5b00ba212c34f5315ebc96a7ae887c1d5
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 9e8f0ceac8a68b00c036042a196c5805f3711964479e0575ce072a2ec7e315ed

Red Hat Enterprise Linux Desktop 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 00b264d633894307fee2d1ec077a291e8fd9f5f378418492164f6bfa06183981
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 28434defb064086234832c7339404fce3ef7029312b9f3b79a703650650289f3
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 5248f0635d88235141ff53696801265b4125537c703e7dfe21a1255eaf85a10d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 3202fb49bbb12d3848110083cbd455d7b68f66cc28acadbe846ed586e0c8fa8d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 272cc4c603d67b5baeaa1db91224a0fbff749c4858ff6b3d11958a28134700b2
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 815e64f18e55d91af6ab0fa86638da4e17d517cc1c45b4bec37bece98b6618a4
java-1.8.0-ibm-plugin-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: ece0d94f4d9b7692b0cbd06e1f8119b5b00ba212c34f5315ebc96a7ae887c1d5
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 9e8f0ceac8a68b00c036042a196c5805f3711964479e0575ce072a2ec7e315ed

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
s390x
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.s390.rpm	SHA-256: e8baa48e38390e995e2016b8e51d8a75ed94845f7e8b8acab23a590790b3d217
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 33455a43ef6881c38e6b4af436d762f13f2a089e8a8836821452a623a8971d28
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 10ecc297a6445d8db112bdfd35206655e91bc6f6edc4b4ef20f6f779e4728140
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.s390.rpm	SHA-256: 773fad3ca3f17f30d9a86056bfc47ba3bfe365391a1aa97872efcdb47cb859e0
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 81066c0a35fcb1071a17712eb927f1cc4d8dadca0f648ec388354f5382188282
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 2f42bef4c305d26737ac296538550d533ccbdcb84a81ebbf5193e24ba7e78fd7
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: afc63202e7d571b3fff2f2550d8aedc6a2ee28f1751fbc27bf2cad6fa4a87c77

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5

SRPM
s390x
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.s390.rpm	SHA-256: e8baa48e38390e995e2016b8e51d8a75ed94845f7e8b8acab23a590790b3d217
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 33455a43ef6881c38e6b4af436d762f13f2a089e8a8836821452a623a8971d28
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 10ecc297a6445d8db112bdfd35206655e91bc6f6edc4b4ef20f6f779e4728140
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.s390.rpm	SHA-256: 773fad3ca3f17f30d9a86056bfc47ba3bfe365391a1aa97872efcdb47cb859e0
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 81066c0a35fcb1071a17712eb927f1cc4d8dadca0f648ec388354f5382188282
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: 2f42bef4c305d26737ac296538550d533ccbdcb84a81ebbf5193e24ba7e78fd7
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.s390x.rpm	SHA-256: afc63202e7d571b3fff2f2550d8aedc6a2ee28f1751fbc27bf2cad6fa4a87c77

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ppc64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.ppc.rpm	SHA-256: 5296410978ea2ff84ce4b71d1d88455f833cf66de43572ec4368684c4c4193e9
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: ddf180ae4a1576504f47ed0823bde9c740851aedd0a3aa1253ca508366205457
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: 5621b674c8bafb7d0ad15108ab1a4899608f1a9cdbf263c9bd52ca4a11300a26
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.ppc.rpm	SHA-256: d932d778b0e63a7533d0dad1b5c8c7d61e219915c091bacdfe9b0786f1ae4a1f
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: b1da66df69c712542d16dbefa432fd1fb256289d8574dc6395b21e044178880b
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: 4ad7fa6945703a4bd82bf83bef96fc7b7e9c3b1ba51af4101be2466677ffdd6d
java-1.8.0-ibm-plugin-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: 6926102bfba29cf8b6afa10f9a988895d82f59989ad1d7f1fdd9ef7f38d1f943
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: ba1e435dd6dd6d230607fff36f6e662770b72173cae7c282f76195937fcfa179

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5

SRPM
ppc64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.ppc.rpm	SHA-256: 5296410978ea2ff84ce4b71d1d88455f833cf66de43572ec4368684c4c4193e9
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: ddf180ae4a1576504f47ed0823bde9c740851aedd0a3aa1253ca508366205457
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: 5621b674c8bafb7d0ad15108ab1a4899608f1a9cdbf263c9bd52ca4a11300a26
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.ppc.rpm	SHA-256: d932d778b0e63a7533d0dad1b5c8c7d61e219915c091bacdfe9b0786f1ae4a1f
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: b1da66df69c712542d16dbefa432fd1fb256289d8574dc6395b21e044178880b
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: 4ad7fa6945703a4bd82bf83bef96fc7b7e9c3b1ba51af4101be2466677ffdd6d
java-1.8.0-ibm-plugin-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: 6926102bfba29cf8b6afa10f9a988895d82f59989ad1d7f1fdd9ef7f38d1f943
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.ppc64.rpm	SHA-256: ba1e435dd6dd6d230607fff36f6e662770b72173cae7c282f76195937fcfa179

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 00b264d633894307fee2d1ec077a291e8fd9f5f378418492164f6bfa06183981
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 28434defb064086234832c7339404fce3ef7029312b9f3b79a703650650289f3
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 5248f0635d88235141ff53696801265b4125537c703e7dfe21a1255eaf85a10d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.i686.rpm	SHA-256: 3202fb49bbb12d3848110083cbd455d7b68f66cc28acadbe846ed586e0c8fa8d
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 272cc4c603d67b5baeaa1db91224a0fbff749c4858ff6b3d11958a28134700b2
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.x86_64.rpm	SHA-256: 9e8f0ceac8a68b00c036042a196c5805f3711964479e0575ce072a2ec7e315ed

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 5dfc7a1ee8f5159bcbf11b8d2fdbe6bca3736f7185181dc0cce6730b47687f53
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 44d1bdd43532bc6f7eeadaab7a16c5214c33b34d60c222f3077822e768beca23
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 32565d01e87f34cae0ebf65c2372c88a3535517e39226500a206585dfce47c9c
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 8885b5088aa5e413cdd562dbfe70ff4bd2b31226fd4724bfddccb865de6da6ee
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 90e995a247b7cb03610824c447e9dee6be9e1a56a380f6f0a107bd6952ce2505

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 5dfc7a1ee8f5159bcbf11b8d2fdbe6bca3736f7185181dc0cce6730b47687f53
java-1.8.0-ibm-demo-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 44d1bdd43532bc6f7eeadaab7a16c5214c33b34d60c222f3077822e768beca23
java-1.8.0-ibm-devel-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 32565d01e87f34cae0ebf65c2372c88a3535517e39226500a206585dfce47c9c
java-1.8.0-ibm-jdbc-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 8885b5088aa5e413cdd562dbfe70ff4bd2b31226fd4724bfddccb865de6da6ee
java-1.8.0-ibm-src-1.8.0.5.5-1jpp.2.el7.ppc64le.rpm	SHA-256: 90e995a247b7cb03610824c447e9dee6be9e1a56a380f6f0a107bd6952ce2505

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories