[security-announce] SUSE-SU-2014:0728-3: important: Security update for IBM Java 6

SUSE Security Update: Security update for IBM Java 6 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0728-3 Rating: important References: #877430 Cross-References: CVE-2013-6629 CVE-2013-6954 CVE-2014-0428 CVE-2014-0429 CVE-2014-0446 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-0878 CVE-2014-1876 CVE-2014-2398 CVE-2014-2401 CVE-2014-2409 CVE-2014-2412 CVE-2014-2414 CVE-2014-2420 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-2428 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Java 11 SP3 ______________________________________________________________________________ An update that fixes 26 vulnerabilities is now available. Description: BM Java 6 was updated to version 6 SR16 to fix several security issues and various other bugs. More information can be found at: http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Security Issues references: * CVE-2013-6629 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629> * CVE-2013-6954 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954> * CVE-2014-0429 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429> * CVE-2014-0446 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446> * CVE-2014-0449 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449> * CVE-2014-0451 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451> * CVE-2014-0452 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452> * CVE-2014-0457 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457> * CVE-2014-0458 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458> * CVE-2014-0459 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459> * CVE-2014-0460 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460> * CVE-2014-0461 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461> * CVE-2014-1876 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876> * CVE-2014-2398 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398> * CVE-2014-2401 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401> * CVE-2014-2409 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409> * CVE-2014-2412 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412> * CVE-2014-2414 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414> * CVE-2014-2420 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420> * CVE-2014-2421 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421> * CVE-2014-2423 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423> * CVE-2014-2427 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427> * CVE-2014-2428 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428> * CVE-2014-0428 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428> * CVE-2014-0453 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453> * CVE-2014-0878 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0878> Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm-9256 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm-9256 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm-9256 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-java-1_6_0-ibm-9273 - SUSE Linux Enterprise Java 11 SP3: zypper in -t patch slejsp3-java-1_6_0-ibm-9256 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.0-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-6629.html http://support.novell.com/security/cve/CVE-2013-6954.html http://support.novell.com/security/cve/CVE-2014-0428.html http://support.novell.com/security/cve/CVE-2014-0429.html http://support.novell.com/security/cve/CVE-2014-0446.html http://support.novell.com/security/cve/CVE-2014-0449.html http://support.novell.com/security/cve/CVE-2014-0451.html http://support.novell.com/security/cve/CVE-2014-0452.html http://support.novell.com/security/cve/CVE-2014-0453.html http://support.novell.com/security/cve/CVE-2014-0457.html http://support.novell.com/security/cve/CVE-2014-0458.html http://support.novell.com/security/cve/CVE-2014-0459.html http://support.novell.com/security/cve/CVE-2014-0460.html http://support.novell.com/security/cve/CVE-2014-0461.html http://support.novell.com/security/cve/CVE-2014-0878.html http://support.novell.com/security/cve/CVE-2014-1876.html http://support.novell.com/security/cve/CVE-2014-2398.html http://support.novell.com/security/cve/CVE-2014-2401.html http://support.novell.com/security/cve/CVE-2014-2409.html http://support.novell.com/security/cve/CVE-2014-2412.html http://support.novell.com/security/cve/CVE-2014-2414.html http://support.novell.com/security/cve/CVE-2014-2420.html http://support.novell.com/security/cve/CVE-2014-2421.html http://support.novell.com/security/cve/CVE-2014-2423.html http://support.novell.com/security/cve/CVE-2014-2427.html http://support.novell.com/security/cve/CVE-2014-2428.html https://bugzilla.novell.com/877430 http://download.suse.com/patch/finder/?keywords=159cbf841fa77a526042b13b2fa5... http://download.suse.com/patch/finder/?keywords=ae93268c78a2b60a14d572b620ac... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org