SUSE Security Update: Security update for IBM Java 6
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0266-1
Rating:             important
References:         #862064 
Cross-References:   CVE-2013-5878 CVE-2013-5884 CVE-2013-5887
                    CVE-2013-5888 CVE-2013-5889 CVE-2013-5896
                    CVE-2013-5898 CVE-2013-5899 CVE-2013-5907
                    CVE-2013-5910 CVE-2014-0368 CVE-2014-0373
                    CVE-2014-0375 CVE-2014-0376 CVE-2014-0387
                    CVE-2014-0403 CVE-2014-0410 CVE-2014-0411
                    CVE-2014-0415 CVE-2014-0416 CVE-2014-0417
                    CVE-2014-0422 CVE-2014-0423 CVE-2014-0424
                    CVE-2014-0428
Affected Products:
                    SUSE Linux Enterprise Server 10 SP3 LTSS
                    SUSE CORE 9
______________________________________________________________________________

   An update that fixes 25 vulnerabilities is now available.

Description:


   IBM Java 6 was updated to version SR15-FP1 which received
   security and  bugfixes.

   This release fixes the following problems:

   * CVE-2014-0428, CVE-2014-0422, CVE-2013-5907,
   CVE-2014-0415,
   * CVE-2014-0410, CVE-2013-5889, CVE-2014-0417,
   CVE-2014-0387,
   * CVE-2014-0424, CVE-2013-5878, CVE-2014-0373,
   CVE-2014-0375,
   * CVE-2014-0403, CVE-2014-0423, CVE-2014-0376,
   CVE-2013-5910,
   * CVE-2013-5884, CVE-2013-5896, CVE-2014-0376,
   CVE-2013-5899,
   * CVE-2014-0416, CVE-2013-5887, CVE-2014-0368,
   CVE-2013-5888,
   * CVE-2013-5898, CVE-2014-0411

   More information at:
   https://www.ibm.com/support/pages/java-sdk/
   nuary_14_2014_CPU
   

   Security Issue references:

   * CVE-2014-0428
   
   * CVE-2014-0422
   
   * CVE-2013-5907
   
   * CVE-2014-0417
   
   * CVE-2014-0373
   
   * CVE-2014-0423
   
   * CVE-2014-0376
   
   * CVE-2014-0376
   
   * CVE-2014-0416
   
   * CVE-2014-0368
   
   * CVE-2014-0411
   
   * CVE-2014-0428
   
   * CVE-2014-0422
   
   * CVE-2013-5907
   
   * CVE-2014-0415
   
   * CVE-2014-0410
   
   * CVE-2013-5889
   
   * CVE-2014-0417
   
   * CVE-2014-0387
   
   * CVE-2014-0424
   
   * CVE-2013-5878
   
   * CVE-2014-0373
   
   * CVE-2014-0375
   
   * CVE-2014-0403
   
   * CVE-2014-0423
   
   * CVE-2014-0376
   
   * CVE-2013-5910
   
   * CVE-2013-5884
   
   * CVE-2013-5896
   
   * CVE-2014-0376
   
   * CVE-2013-5899
   
   * CVE-2014-0416
   
   * CVE-2013-5887
   
   * CVE-2014-0368
   
   * CVE-2013-5888
   
   * CVE-2013-5898
   
   * CVE-2014-0411
   



Package List:

   - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):

      java-1_5_0-ibm-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-devel-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-fonts-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-1.6.0_sr15.1-0.5.1
      java-1_6_0-ibm-devel-1.6.0_sr15.1-0.5.1
      java-1_6_0-ibm-fonts-1.6.0_sr15.1-0.5.1
      java-1_6_0-ibm-jdbc-1.6.0_sr15.1-0.5.1

   - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):

      java-1_5_0-ibm-32bit-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-devel-32bit-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-32bit-1.6.0_sr15.1-0.5.1
      java-1_6_0-ibm-devel-32bit-1.6.0_sr15.1-0.5.1

   - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 x86_64):

      java-1_6_0-ibm-plugin-1.6.0_sr15.1-0.5.1

   - SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64):

      java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-alsa-32bit-1.6.0_sr15.1-0.5.1
      java-1_6_0-ibm-plugin-32bit-1.6.0_sr15.1-0.5.1

   - SUSE Linux Enterprise Server 10 SP3 LTSS (i586):

      java-1_5_0-ibm-alsa-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-jdbc-1.5.0_sr16.5-0.6.1
      java-1_5_0-ibm-plugin-1.5.0_sr16.5-0.6.1
      java-1_6_0-ibm-alsa-1.6.0_sr15.1-0.5.1

   - SUSE CORE 9 (i586 s390 s390x x86_64):

      IBMJava5-JRE-1.5.0_sr16.5-0.4
      IBMJava5-SDK-1.5.0_sr16.5-0.4


References:

   https://www.suse.com/security/cve/CVE-2013-5878.html
   https://www.suse.com/security/cve/CVE-2013-5884.html
   https://www.suse.com/security/cve/CVE-2013-5887.html
   https://www.suse.com/security/cve/CVE-2013-5888.html
   https://www.suse.com/security/cve/CVE-2013-5889.html
   https://www.suse.com/security/cve/CVE-2013-5896.html
   https://www.suse.com/security/cve/CVE-2013-5898.html
   https://www.suse.com/security/cve/CVE-2013-5899.html
   https://www.suse.com/security/cve/CVE-2013-5907.html
   https://www.suse.com/security/cve/CVE-2013-5910.html
   https://www.suse.com/security/cve/CVE-2014-0368.html
   https://www.suse.com/security/cve/CVE-2014-0373.html
   https://www.suse.com/security/cve/CVE-2014-0375.html
   https://www.suse.com/security/cve/CVE-2014-0376.html
   https://www.suse.com/security/cve/CVE-2014-0387.html
   https://www.suse.com/security/cve/CVE-2014-0403.html
   https://www.suse.com/security/cve/CVE-2014-0410.html
   https://www.suse.com/security/cve/CVE-2014-0411.html
   https://www.suse.com/security/cve/CVE-2014-0415.html
   https://www.suse.com/security/cve/CVE-2014-0416.html
   https://www.suse.com/security/cve/CVE-2014-0417.html
   https://www.suse.com/security/cve/CVE-2014-0422.html
   https://www.suse.com/security/cve/CVE-2014-0423.html
   https://www.suse.com/security/cve/CVE-2014-0424.html
   https://www.suse.com/security/cve/CVE-2014-0428.html
   https://bugzilla.novell.com/862064
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login