- Issued:
- 2008-08-13
- Updated:
- 2008-08-13
RHSA-2008:0638 - Low: Red Hat Network Satellite Server IBM Java Runtime security update
Synopsis
Low: Red Hat Network Satellite Server IBM Java Runtime security update
Type/Severity
Security Advisory Low
Topic
Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in the Red Hat Network Satellite Server IBM Java Runtime Environment for IBM S/390 and IBM System z architectures.
This update has been rated as having low security impact by the Red Hat Security Response Team.
Description
This release corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.1 for IBM S/390 and IBM System z architectures. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets.
Multiple flaws were fixed in the IBM Java 1.5.0 Runtime Environment. (CVE-2008-0657, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, CVE-2008-3104, CVE-2008-3106, CVE-2008-3108, CVE-2008-3111, CVE-2008-3112, CVE-2008-3113, CVE-2008-3114)
Users of Red Hat Network Satellite Server 5.1 are advised to upgrade to 5.1.1, which resolves these issues.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Network Satellite 5.1 (for RHEL Server) | 5.1 | i386 |
| Red Hat Network Satellite 5.1 (for RHEL Mainframe) | 5.1 | s390x |
Updated Packages
- java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.s390x.rpm
- java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.s390.rpm
- java-1.5.0-ibm-devel-1.5.0.8-1jpp.1.el4.s390.rpm
- java-1.5.0-ibm-1.5.0.8-1jpp.1.el4.s390x.rpm
Fixes
- This content is not included.BZ - 431861
- This content is not included.BZ - 436030
- This content is not included.BZ - 436293
- This content is not included.BZ - 436295
- This content is not included.BZ - 436296
- This content is not included.BZ - 436299
- This content is not included.BZ - 436302
- This content is not included.BZ - 452649
- This content is not included.BZ - 454601
- This content is not included.BZ - 454604
- This content is not included.BZ - 454605
- This content is not included.BZ - 454606
- This content is not included.BZ - 454607
- This content is not included.BZ - 454608
CVEs
- CVE-2008-3108
- CVE-2008-3111
- CVE-2008-3113
- CVE-2008-3114
- CVE-2008-3112
- CVE-2008-3106
- CVE-2008-3104
- CVE-2008-1192
- CVE-2008-1190
- CVE-2008-1196
- CVE-2008-1195
- CVE-2008-1194
- CVE-2008-1193
- CVE-2008-1187
- CVE-2008-1188
- CVE-2008-1189
- CVE-2008-0657
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.