Red Hat Product Errata RHSA-2018:1724 - Security Advisory

Issued:: 2018-05-24
Updated:: 2018-05-24

RHSA-2018:1724 - Security Advisory

Overview
Updated Packages

Synopsis

Important: java-1.7.1-ibm security update

Type/Severity

Security Advisory: Important

Topic

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25.

Security Fix(es):

OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997) (CVE-2018-2794)
Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security) (CVE-2018-2783)
OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977) (CVE-2018-2795)
OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981) (CVE-2018-2796)
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985) (CVE-2018-2797)
OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989) (CVE-2018-2798)
OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993) (CVE-2018-2799)
OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833) (CVE-2018-2800)
OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969) (CVE-2018-2790)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux for IBM z Systems 6 s390x
Red Hat Enterprise Linux for Power, big endian 6 ppc64
Red Hat Enterprise Linux for Scientific Computing 6 x86_64

Fixes

BZ - 1567126 - CVE-2018-2794 OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997)
BZ - 1567351 - CVE-2018-2795 OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977)
BZ - 1567542 - CVE-2018-2799 OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993)
BZ - 1567543 - CVE-2018-2798 OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989)
BZ - 1567545 - CVE-2018-2797 OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
BZ - 1567546 - CVE-2018-2796 OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)
BZ - 1568163 - CVE-2018-2800 OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833)
BZ - 1568515 - CVE-2018-2790 OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)
BZ - 1569204 - CVE-2018-2783 Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: d5b0b27926b10be45ab3813864b981974937aa0b02e71f0785441d5f45796578
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 4b153203427f422b90ea52ae081024dff81e509ddccb3b2f2194e0d6a3c721e6
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 81811d28322279ade8fc0d659f5b6b75377993c46d18dafeb1739c0e4cfa1c34
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: c9491daeffc75b5ef57d7b274bcf6f99a9e3ffff8de84629d1b0d14e86c1f3ea
java-1.7.1-ibm-plugin-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 1954d5c8142f0d348f24f0f058e61de6025dc67a4e6c4e5432ecd3ad0c40a763
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 0ff0b7cbbf08cd83cf86c7c9e99226f42071af2a6f2f4f1910f2e19753ec06d5
i386
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 5d553f188776e4bbde1680469525c66b931db6de8835c70b93cb8ba03aee0366
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 0af39fd7c5b22eb6a1c3d7e74b6cbed0e3f6c9c31b6020e2445ee1624b5b496e
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: a6b438fd8312d44913758f336f896dd8c7575b75f251bd3d4cf707a958345f2e
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 7ac2ef7c96c77886bdf8d6024dfc5796941c05d1946e08796a48718f70111ac4
java-1.7.1-ibm-plugin-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: af5ea16de28fcc98bc72affc698f7b5eb5a11f60c090d4e106c07173594ca8a5
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 7e2a8309cd3a75adcad3671eefb91f70164acbaf0a6ca251a67380197039813b

Red Hat Enterprise Linux Workstation 6

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: d5b0b27926b10be45ab3813864b981974937aa0b02e71f0785441d5f45796578
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 4b153203427f422b90ea52ae081024dff81e509ddccb3b2f2194e0d6a3c721e6
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 81811d28322279ade8fc0d659f5b6b75377993c46d18dafeb1739c0e4cfa1c34
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: c9491daeffc75b5ef57d7b274bcf6f99a9e3ffff8de84629d1b0d14e86c1f3ea
java-1.7.1-ibm-plugin-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 1954d5c8142f0d348f24f0f058e61de6025dc67a4e6c4e5432ecd3ad0c40a763
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 0ff0b7cbbf08cd83cf86c7c9e99226f42071af2a6f2f4f1910f2e19753ec06d5
i386
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 5d553f188776e4bbde1680469525c66b931db6de8835c70b93cb8ba03aee0366
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 0af39fd7c5b22eb6a1c3d7e74b6cbed0e3f6c9c31b6020e2445ee1624b5b496e
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: a6b438fd8312d44913758f336f896dd8c7575b75f251bd3d4cf707a958345f2e
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 7ac2ef7c96c77886bdf8d6024dfc5796941c05d1946e08796a48718f70111ac4
java-1.7.1-ibm-plugin-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: af5ea16de28fcc98bc72affc698f7b5eb5a11f60c090d4e106c07173594ca8a5
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 7e2a8309cd3a75adcad3671eefb91f70164acbaf0a6ca251a67380197039813b

Red Hat Enterprise Linux Desktop 6

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: d5b0b27926b10be45ab3813864b981974937aa0b02e71f0785441d5f45796578
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 4b153203427f422b90ea52ae081024dff81e509ddccb3b2f2194e0d6a3c721e6
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 81811d28322279ade8fc0d659f5b6b75377993c46d18dafeb1739c0e4cfa1c34
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: c9491daeffc75b5ef57d7b274bcf6f99a9e3ffff8de84629d1b0d14e86c1f3ea
java-1.7.1-ibm-plugin-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 1954d5c8142f0d348f24f0f058e61de6025dc67a4e6c4e5432ecd3ad0c40a763
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 0ff0b7cbbf08cd83cf86c7c9e99226f42071af2a6f2f4f1910f2e19753ec06d5
i386
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 5d553f188776e4bbde1680469525c66b931db6de8835c70b93cb8ba03aee0366
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 0af39fd7c5b22eb6a1c3d7e74b6cbed0e3f6c9c31b6020e2445ee1624b5b496e
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: a6b438fd8312d44913758f336f896dd8c7575b75f251bd3d4cf707a958345f2e
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 7ac2ef7c96c77886bdf8d6024dfc5796941c05d1946e08796a48718f70111ac4
java-1.7.1-ibm-plugin-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: af5ea16de28fcc98bc72affc698f7b5eb5a11f60c090d4e106c07173594ca8a5
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.i686.rpm	SHA-256: 7e2a8309cd3a75adcad3671eefb91f70164acbaf0a6ca251a67380197039813b

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
s390x
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.s390x.rpm	SHA-256: b0771c882b338d6f9640f5203f9a9e77de76735e981c5da0ec63185ebc8187d9
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.s390x.rpm	SHA-256: 074eef92743fb6c3a418fe7a26d289b4690364e628de584fb9ed33b6d2f0b2fa
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.s390x.rpm	SHA-256: 31c62c9cbb45d6ba94bd5226d4b6ea67a6ba28eb5bd453f90151b81058d12faf
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.s390x.rpm	SHA-256: 11fe8f91007350b19f2bfd968211f9d9707206160b3ca4b3bf83801f67ad5d96
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.s390x.rpm	SHA-256: 9d30fb6da0f21923294f5ef5f9b925793f03428c4fd98b47eaea04e967756198

Red Hat Enterprise Linux for Power, big endian 6

SRPM
ppc64
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.ppc64.rpm	SHA-256: 46513343073d7aee74d96d8eb602541631e938677173f9b2f9e206d65bef94c4
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.ppc64.rpm	SHA-256: 9c750504c1034cfd31de606ceec9942670da08d376820805db58d47a08d5b0aa
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.ppc64.rpm	SHA-256: 5011bf0a32034b92c4dfadb06798c941837d7171bcad380b5cbb711a49fe7a05
java-1.7.1-ibm-jdbc-1.7.1.4.25-1jpp.2.el6_9.ppc64.rpm	SHA-256: 8a1454dfbc11d10840bea793d0700ef2b925966750ae45b4bb3ebd6052d1be5d
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.ppc64.rpm	SHA-256: eb28d8080432503f550c73a8a7d2929fb458344acb2c2992d617f0da4b5ceb2f

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: d5b0b27926b10be45ab3813864b981974937aa0b02e71f0785441d5f45796578
java-1.7.1-ibm-demo-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 4b153203427f422b90ea52ae081024dff81e509ddccb3b2f2194e0d6a3c721e6
java-1.7.1-ibm-devel-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 81811d28322279ade8fc0d659f5b6b75377993c46d18dafeb1739c0e4cfa1c34
java-1.7.1-ibm-src-1.7.1.4.25-1jpp.2.el6_9.x86_64.rpm	SHA-256: 0ff0b7cbbf08cd83cf86c7c9e99226f42071af2a6f2f4f1910f2e19753ec06d5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories