877429 – (CVE-2014-0878) VUL-0: java: CVE-2014-0878: SE Version 7 (last updated: 07 May 2014)

Bug 877429 (CVE-2014-0878) - VUL-0: java: CVE-2014-0878: SE Version 7 (last updated: 07 May 2014)

Summary: VUL-0: java: CVE-2014-0878: SE Version 7 (last updated: 07 May 2014)

Status:	RESOLVED FIXED

Alias:	CVE-2014-0878

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Deadline:	2014-05-28
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/98632/
Whiteboard:	maint:released:sle11-sp2:57477 maint...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-05-13 05:58 UTC by Sebastian Krahmer
Modified:	2015-03-06 10:07 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sebastian Krahmer 2014-05-13 05:58:50 UTC

Java 7 SR7



References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0878
http://www.ibm.com/developerworks/java/jdk/linux/download.html#7 SR7
http://www.ibm.com/developerworks/java/jdk/aix/j764/Java7_64.fixes.html#SR7

Comment 1 Swamp Workflow Management 2014-05-13 22:00:13 UTC

bugbot adjusting priority

Comment 2 Swamp Workflow Management 2014-05-14 08:33:11 UTC

The SWAMPID for this issue is 57392.
This issue was rated as moderate.
Please submit fixed packages until 2014-05-28.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 3 SMASH SMASH 2014-05-14 08:35:13 UTC

Affected packages:

SLE-11-SP3: java-1_7_0-ibm
SLE-11-SP2: java-1_7_0-ibm

Comment 4 Sebastian Krahmer 2014-05-14 08:39:21 UTC

CVE-2013-6629
CVE-2013-6954
CVE-2014-0429
CVE-2014-0446
CVE-2014-0448
CVE-2014-0449
CVE-2014-0451
CVE-2014-0452
CVE-2014-0457
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2398
CVE-2014-2401
CVE-2014-2402
CVE-2014-2409
CVE-2014-2412
CVE-2014-2414
CVE-2014-2420
CVE-2014-2421
CVE-2014-2423
CVE-2014-2427
CVE-2014-2428
CVE-2014-0455
CVE-2014-0428
CVE-2014-0453
CVE-2014-0454
CVE-2014-0878

Comment 8 Swamp Workflow Management 2014-05-29 20:11:43 UTC

Update released for: java-1_7_0-ibm, java-1_7_0-ibm-32bit, java-1_7_0-ibm-alsa, java-1_7_0-ibm-alsa-32bit, java-1_7_0-ibm-alsa-x86, java-1_7_0-ibm-demo, java-1_7_0-ibm-devel, java-1_7_0-ibm-devel-32bit, java-1_7_0-ibm-jdbc, java-1_7_0-ibm-jdbc-32bit, java-1_7_0-ibm-jdbc-x86, java-1_7_0-ibm-plugin, java-1_7_0-ibm-plugin-32bit, java-1_7_0-ibm-plugin-x86, java-1_7_0-ibm-src, java-1_7_0-ibm-x86
Products:
SLE-SERVER 11-SP2-LTSS (i386, s390x, x86_64)

Comment 9 Swamp Workflow Management 2014-05-30 00:04:26 UTC

SUSE-SU-2014:0733-1: An update that fixes 30 vulnerabilities is now available.

Category: security (important)
Bug References: 877429
CVE References: CVE-2013-6629,CVE-2013-6954,CVE-2014-0428,CVE-2014-0429,CVE-2014-0446,CVE-2014-0448,CVE-2014-0449,CVE-2014-0451,CVE-2014-0452,CVE-2014-0453,CVE-2014-0454,CVE-2014-0455,CVE-2014-0457,CVE-2014-0458,CVE-2014-0459,CVE-2014-0460,CVE-2014-0461,CVE-2014-0878,CVE-2014-1876,CVE-2014-2398,CVE-2014-2401,CVE-2014-2402,CVE-2014-2409,CVE-2014-2412,CVE-2014-2414,CVE-2014-2420,CVE-2014-2421,CVE-2014-2423,CVE-2014-2427,CVE-2014-2428
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    java-1_7_0-ibm-1.7.0_sr7.0-0.5.1

Comment 10 Swamp Workflow Management 2014-06-02 16:56:15 UTC

Update released for: java-1_7_0-ibm, java-1_7_0-ibm-32bit, java-1_7_0-ibm-64bit, java-1_7_0-ibm-alsa, java-1_7_0-ibm-alsa-32bit, java-1_7_0-ibm-alsa-x86, java-1_7_0-ibm-demo, java-1_7_0-ibm-devel, java-1_7_0-ibm-devel-32bit, java-1_7_0-ibm-devel-64bit, java-1_7_0-ibm-jdbc, java-1_7_0-ibm-jdbc-32bit, java-1_7_0-ibm-jdbc-64bit, java-1_7_0-ibm-jdbc-x86, java-1_7_0-ibm-plugin, java-1_7_0-ibm-plugin-32bit, java-1_7_0-ibm-plugin-x86, java-1_7_0-ibm-src, java-1_7_0-ibm-x86
Products:
SLE-JAVA 11-SP3 (i386, ppc64, s390x, x86_64)
SLE-SDK 11-SP3 (i386, ppc64, s390x, x86_64)
SLE-SERVER 11-SP3 (i386, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)

Comment 11 Swamp Workflow Management 2014-06-02 20:04:20 UTC

SUSE-SU-2014:0733-2: An update that fixes 30 vulnerabilities is now available.

Category: security (important)
Bug References: 877429
CVE References: CVE-2013-6629,CVE-2013-6954,CVE-2014-0428,CVE-2014-0429,CVE-2014-0446,CVE-2014-0448,CVE-2014-0449,CVE-2014-0451,CVE-2014-0452,CVE-2014-0453,CVE-2014-0454,CVE-2014-0455,CVE-2014-0457,CVE-2014-0458,CVE-2014-0459,CVE-2014-0460,CVE-2014-0461,CVE-2014-0878,CVE-2014-1876,CVE-2014-2398,CVE-2014-2401,CVE-2014-2402,CVE-2014-2409,CVE-2014-2412,CVE-2014-2414,CVE-2014-2420,CVE-2014-2421,CVE-2014-2423,CVE-2014-2427,CVE-2014-2428
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
SUSE Linux Enterprise Server 11 SP3 (src):    java-1_7_0-ibm-1.7.0_sr7.0-0.5.1
SUSE Linux Enterprise Java 11 SP3 (src):    java-1_7_0-ibm-1.7.0_sr7.0-0.5.1

Comment 12 Johannes Segitz 2014-06-03 11:53:13 UTC

released for all relevant products.