{"affected":[{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-devel":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-devel":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm-devel":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP2","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm-devel":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-devel":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-devel":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_7_1-ibm":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-alsa":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-jdbc":"1.7.1_sr4.20-38.16.1","java-1_7_1-ibm-plugin":"1.7.1_sr4.20-38.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"java-1_7_1-ibm","purl":"pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.1_sr4.20-38.16.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for java-1_7_1-ibm fixes the following issue:\n\nThe version was updated to 7.1.4.20 [bsc#1082810]\n\n* Security fixes:\n\n  - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582\n    CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603\n    CVE-2018-2599 CVE-2018-2602 CVE-2018-2678 CVE-2018-2677\n    CVE-2018-2663 CVE-2018-2588 CVE-2018-2579\n\n* Defect fixes:\n\n  - IJ04281 Class Libraries: Startup time increase after applying\n              apar IV96905\n  - IJ03822 Class Libraries: Update timezone information to tzdata2017c\n  - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,\n              trace, log was not enabled by default\n  - IJ03607 JIT Compiler: Result String contains a redundant dot when\n              converted from BigDecimal with 0 on all platforms\n  - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01\n  - IJ04282 Security: Change in location and default of jurisdiction\n              policy files\n  - IJ03853 Security: IBMCAC provider does not support SHA224\n  - IJ02679 Security: IBMPKCS11Impl -- Bad sessions are being allocated\n              internally\n  - IJ02706 Security: IBMPKCS11Impl -- Bad sessions are being allocated\n              internally\n  - IJ03552 Security: IBMPKCS11Impl -- Config file problem with the slot\n              specification attribute\n  - IJ01901 Security: IBMPKCS11Impl -- SecureRandom.setSeed() exception\n  - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with\n              stash, JKS Chain issue and JVM argument parse issue with iKeyman\n  - IJ03256 Security: javax.security.auth.Subject.toString() throws NPE\n  - IJ02284 JIT Compiler: Division by zero in JIT compiler\n\n* SUSE fixes:\n\n  - Make it possible to run Java jnlp files from Firefox. (bsc#1057460)\n\n  - Fixed jpackage-java-1_7_1-ibm-webstart.desktop file to allow\n    Java jnlp files run from Firefox. [bsc#1057460, bsc#1076390]\n\n  - Fix javaws segfaults when java expiration timer has elapsed. [bsc#929900]\n\n  - Provide IBM Java updates for IBMs PMR 55931,671,760 and for SUSEs\n    SR 110991601735. [bsc#966304]\n\n  - Ensure that all Java policy files are symlinked into the proper file system\n    locations. Without those symlinks, several OES iManager plugins did not\n    function properly. [bsc#1085018]\n","id":"SUSE-SU-2018:0743-1","modified":"2018-03-19T13:10:56Z","published":"2018-03-19T13:10:56Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180743-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1057460"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076390"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082810"},{"type":"REPORT","url":"https://bugzilla.suse.com/1085018"},{"type":"REPORT","url":"https://bugzilla.suse.com/929900"},{"type":"REPORT","url":"https://bugzilla.suse.com/955131"},{"type":"REPORT","url":"https://bugzilla.suse.com/966304"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2579"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2582"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2588"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2599"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2602"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2603"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2618"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2633"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2634"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2637"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2641"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2657"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2663"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2677"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2678"}],"related":["CVE-2018-2579","CVE-2018-2582","CVE-2018-2588","CVE-2018-2599","CVE-2018-2602","CVE-2018-2603","CVE-2018-2618","CVE-2018-2633","CVE-2018-2634","CVE-2018-2637","CVE-2018-2641","CVE-2018-2657","CVE-2018-2663","CVE-2018-2677","CVE-2018-2678"],"summary":"Security update for java-1_7_1-ibm","upstream":["CVE-2018-2579","CVE-2018-2582","CVE-2018-2588","CVE-2018-2599","CVE-2018-2602","CVE-2018-2603","CVE-2018-2618","CVE-2018-2633","CVE-2018-2634","CVE-2018-2637","CVE-2018-2641","CVE-2018-2657","CVE-2018-2663","CVE-2018-2677","CVE-2018-2678"]}