SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0871-2 Rating: important References: #592934 #819285 #819288 Cross-References: CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2440 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: IBM Java 1.7.0 has been updated to SR4-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Security Issue references: * CVE-2013-2422 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422
* CVE-2013-1491 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1491
* CVE-2013-2435 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2435
* CVE-2013-2420 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420
* CVE-2013-2432 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2432
* CVE-2013-1569 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
* CVE-2013-2384 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
* CVE-2013-2383 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
* CVE-2013-1557 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557
* CVE-2013-1537 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
* CVE-2013-2440 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2440
* CVE-2013-2429 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429
* CVE-2013-2430 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430
* CVE-2013-1563 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1563
* CVE-2013-2394 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2394
* CVE-2013-0401 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401
* CVE-2013-2424 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
* CVE-2013-2419 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
* CVE-2013-2417 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417
* CVE-2013-2418 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2418
* CVE-2013-1540 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1540
* CVE-2013-2433 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2433
Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_7_0-ibm-7921 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_7_0-ibm-7921 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_7_0-ibm-7921 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr4.2-0.6.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-alsa-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-plugin-1.7.0_sr4.2-0.6.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.2-0.6.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-plugin-1.7.0_sr4.2-0.6.1 References: http://support.novell.com/security/cve/CVE-2013-0401.html http://support.novell.com/security/cve/CVE-2013-1491.html http://support.novell.com/security/cve/CVE-2013-1537.html http://support.novell.com/security/cve/CVE-2013-1540.html http://support.novell.com/security/cve/CVE-2013-1557.html http://support.novell.com/security/cve/CVE-2013-1563.html http://support.novell.com/security/cve/CVE-2013-1569.html http://support.novell.com/security/cve/CVE-2013-2383.html http://support.novell.com/security/cve/CVE-2013-2384.html http://support.novell.com/security/cve/CVE-2013-2394.html http://support.novell.com/security/cve/CVE-2013-2417.html http://support.novell.com/security/cve/CVE-2013-2418.html http://support.novell.com/security/cve/CVE-2013-2419.html http://support.novell.com/security/cve/CVE-2013-2420.html http://support.novell.com/security/cve/CVE-2013-2422.html http://support.novell.com/security/cve/CVE-2013-2424.html http://support.novell.com/security/cve/CVE-2013-2429.html http://support.novell.com/security/cve/CVE-2013-2430.html http://support.novell.com/security/cve/CVE-2013-2432.html http://support.novell.com/security/cve/CVE-2013-2433.html http://support.novell.com/security/cve/CVE-2013-2435.html http://support.novell.com/security/cve/CVE-2013-2440.html https://bugzilla.novell.com/592934 https://bugzilla.novell.com/819285 https://bugzilla.novell.com/819288 http://download.novell.com/patch/finder/?keywords=735ff60a60ece53569a56a53ea... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org