[security-announce] SUSE-SU-2014:0728-3: important: Security update for IBM Java 6

SUSE Security Update: Security update for IBM Java 6 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0728-3 Rating: important References: #877430 Cross-References: CVE-2013-6629 CVE-2013-6954 CVE-2014-0428 CVE-2014-0429 CVE-2014-0446 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-0878 CVE-2014-1876 CVE-2014-2398 CVE-2014-2401 CVE-2014-2409 CVE-2014-2412 CVE-2014-2414 CVE-2014-2420 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-2428 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Java 11 SP3 ______________________________________________________________________________ An update that fixes 26 vulnerabilities is now available. Description: BM Java 6 was updated to version 6 SR16 to fix several security issues and various other bugs. More information can be found at: http://www.ibm.com/developerworks/java/jdk/alerts/ http://www.ibm.com/developerworks/java/jdk/alerts/ Security Issues references: * CVE-2013-6629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 * CVE-2013-6954 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954 * CVE-2014-0429 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 * CVE-2014-0446 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 * CVE-2014-0449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 * CVE-2014-0451 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 * CVE-2014-0452 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 * CVE-2014-0457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 * CVE-2014-0458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 * CVE-2014-0459 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 * CVE-2014-0460 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 * CVE-2014-0461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 * CVE-2014-1876 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 * CVE-2014-2398 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 * CVE-2014-2401 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 * CVE-2014-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 * CVE-2014-2412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 * CVE-2014-2414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 * CVE-2014-2420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 * CVE-2014-2421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 * CVE-2014-2423 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 * CVE-2014-2427 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 * CVE-2014-2428 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 * CVE-2014-0428 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 * CVE-2014-0453 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 * CVE-2014-0878 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0878 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm-9256 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm-9256 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm-9256 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-java-1_6_0-ibm-9273 - SUSE Linux Enterprise Java 11 SP3: zypper in -t patch slejsp3-java-1_6_0-ibm-9256 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-6629.html http://support.novell.com/security/cve/CVE-2013-6954.html http://support.novell.com/security/cve/CVE-2014-0428.html http://support.novell.com/security/cve/CVE-2014-0429.html http://support.novell.com/security/cve/CVE-2014-0446.html http://support.novell.com/security/cve/CVE-2014-0449.html http://support.novell.com/security/cve/CVE-2014-0451.html http://support.novell.com/security/cve/CVE-2014-0452.html http://support.novell.com/security/cve/CVE-2014-0453.html http://support.novell.com/security/cve/CVE-2014-0457.html http://support.novell.com/security/cve/CVE-2014-0458.html http://support.novell.com/security/cve/CVE-2014-0459.html http://support.novell.com/security/cve/CVE-2014-0460.html http://support.novell.com/security/cve/CVE-2014-0461.html http://support.novell.com/security/cve/CVE-2014-0878.html http://support.novell.com/security/cve/CVE-2014-1876.html http://support.novell.com/security/cve/CVE-2014-2398.html http://support.novell.com/security/cve/CVE-2014-2401.html http://support.novell.com/security/cve/CVE-2014-2409.html http://support.novell.com/security/cve/CVE-2014-2412.html http://support.novell.com/security/cve/CVE-2014-2414.html http://support.novell.com/security/cve/CVE-2014-2420.html http://support.novell.com/security/cve/CVE-2014-2421.html http://support.novell.com/security/cve/CVE-2014-2423.html http://support.novell.com/security/cve/CVE-2014-2427.html http://support.novell.com/security/cve/CVE-2014-2428.html https://bugzilla.novell.com/877430 http://download.suse.com/patch/finder/?keywords=159cbf841fa77a526042b13b2fa5... http://download.suse.com/patch/finder/?keywords=ae93268c78a2b60a14d572b620ac... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org