The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Oracle Java: vulnerabilities of July 2017

Synthesis of the vulnerability 

Several vulnerabilities were announced in Oracle Java.
Impacted products: Debian, Fedora, AIX, Domino, Notes, Security Directory Server, QRadar SIEM, Tivoli Storage Manager, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB, WebSphere MQ, Junos Space, ePO, SnapManager, Java OpenJDK, openSUSE Leap, Java Oracle, JavaFX, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity of this bulletin: 3/4.
Number of vulnerabilities in this bulletin: 32.
Creation date: 19/07/2017.
References of this threat: 2007002, 2008025, 2008360, 2008362, 2008757, 2009206, 2009232, 2009253, 2009415, 2009663, 2011594, 2012301, CERTFR-2017-AVI-223, cpujul2017, CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10104, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10117, CVE-2017-10118, CVE-2017-10121, CVE-2017-10125, CVE-2017-10135, CVE-2017-10145, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243, DLA-1073-1, DSA-3919-1, DSA-3954-1, DSA-4005-1, FEDORA-2017-605557de96, FEDORA-2017-721314e3b3, FEDORA-2017-735e2ae663, FEDORA-2017-be3df4fe14, FEDORA-2017-fe57cf60c3, ibm10718843, JSA10873, NTAP-20170720-0001, openSUSE-SU-2017:2211-1, openSUSE-SU-2018:0042-1, RHSA-2017:1789-01, RHSA-2017:1790-01, RHSA-2017:1791-01, RHSA-2017:1792-01, RHSA-2017:2424-01, RHSA-2017:2469-01, RHSA-2017:2481-01, RHSA-2017:2530-01, SB10208, SUSE-SU-2017:2175-1, SUSE-SU-2017:2263-1, SUSE-SU-2017:2280-1, SUSE-SU-2017:2281-1, SUSE-SU-2018:0005-1, USN-3366-1, USN-3366-2, USN-3396-1, VIGILANCE-VUL-23289.

Description of the vulnerability 

Several vulnerabilities were announced in Oracle Java.

This cybersecurity alert impacts software or systems such as Debian, Fedora, AIX, Domino, Notes, Security Directory Server, QRadar SIEM, Tivoli Storage Manager, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB, WebSphere MQ, Junos Space, ePO, SnapManager, Java OpenJDK, openSUSE Leap, Java Oracle, JavaFX, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.

Our Vigil@nce team determined that the severity of this weakness is important.

The trust level is "confirmed by the editor", and the origin is "document".

This bulletin is about 32 vulnerabilities.

An attacker with expert ability can exploit this security weakness.

Solutions for this threat 

Oracle Java: version 8u141.
The version 8u141 is fixed:
  http://www.oracle.com/technetwork/indexes/downloads/index.html
  http://www.oracle.com/technetwork/java/javase/documentation/8u-relnotes-2225394.html

Oracle Java: version 7u151.
The version 7u151 is fixed:
  http://www.oracle.com/technetwork/indexes/downloads/index.html
  http://www.oracle.com/technetwork/java/javase/documentation/javase7supportreleasenotes-1601161.html

Oracle Java: version 6u161.
The version 6u161 is fixed:
  http://www.oracle.com/technetwork/indexes/downloads/index.html
  http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html

AIX: patch for Java.
A patch is indicated in information sources.

Debian 7/8: new openjdk-7 packages.
New packages are available:
  Debian 7: openjdk-7 7u151-2.6.11-1+deb7u1
  Debian 8: openjdk-7 7u151-2.6.11-1~deb8u1

Debian 9: new openjdk-8 packages.
New packages are available:
  Debian 9: openjdk-8 8u141-b15-1~deb9u1

Debian 9: new openjfx packages.
New packages are available:
  Debian 9: openjfx 8u141-b14-3~deb9u1

Fedora: new java-1.8.0-openjdk-aarch32 packages.
New packages are available:
  Fedora 25: java-1.8.0-openjdk-aarch32 1.8.0.141-1.170721.fc25
  Fedora 26: java-1.8.0-openjdk-aarch32 1.8.0.141-2.170721.fc26

Fedora: new java-1.8.0-openjdk packages.
New packages are available:
  Fedora 24: java-1.8.0-openjdk 1.8.0.141-1.b16.fc24
  Fedora 25: java-1.8.0-openjdk 1.8.0.141-1.b16.fc25
  Fedora 26: java-1.8.0-openjdk 1.8.0.141-1.b16.fc26

IBM BigFix Compliance Analytics: solution for Java.
The solution is indicated in information sources.

IBM BigFix Inventory: solution for Java.
The solution is indicated in information sources.

IBM BigFix Remote Control: solution for Java.
The solution is indicated in information sources.

IBM Domino: solution for Java.
The solution is indicated in information sources.

IBM MQ: solution for Java.
The solution is indicated in information sources.

IBM Notes: solution for Java.
The solution is indicated in information sources.

IBM QRadar SIEM: solution for Java.
The solution is indicated in information sources.

IBM Security Directory Server: solution for Java.
The solution is indicated in information sources.

IBM Spectrum Protect, Tivoli Storage Manager: solution for Java.
The solution is indicated in information sources.

IBM Tivoli System Automation Application Manager: solution for Java.
The solution is indicated in information sources.

IBM Tivoli System Automation for Multiplatforms: solution for Java.
The solution is indicated in information sources.

IBM WebSphere AS: patch for Java.
A patch is indicated in information sources.

Junos Space: solution.
The solution is indicated in information sources.

McAfee ePO: patch for Java.
A patch is indicated in information sources.

openSUSE Leap: new java-1_7_0-openjdk packages.
New packages are available:
  openSUSE Leap 42.2: java-1_7_0-openjdk 1.7.0.161-42.6.1
  openSUSE Leap 42.3: java-1_7_0-openjdk 1.7.0.161-45.1

openSUSE Leap: new java-1_8_0-openjdk packages.
New packages are available:
  openSUSE Leap 42.2: java-1_8_0-openjdk 1.8.0.144-10.13.3
  openSUSE Leap 42.3: java-1_8_0-openjdk 1.8.0.144-13.3

RHEL 6.9: new java-1.6.0-ibm packages.
New packages are available:
  RHEL 6: java-1.6.0-ibm 1.6.0.16.50-1jpp.1.el6_9

RHEL: new java-1.6.0-sun packages.
New packages are available:
  RHEL 6: java-1.6.0-sun 1.6.0.161-1jpp.1.el6
  RHEL 7: java-1.6.0-sun 1.6.0.161-1jpp.3.el7_3

RHEL: new java-1.7.0-openjdk packages.
New packages are available:
  RHEL 6: java-1.7.0-openjdk 1.7.0.151-2.6.11.0.el6_9
  RHEL 7: java-1.7.0-openjdk 1.7.0.151-2.6.11.1.el7_4

RHEL: new java-1.7.0-oracle packages.
New packages are available:
  RHEL 6: java-1.7.0-oracle 1.7.0.151-1jpp.1.el6
  RHEL 7: java-1.7.0-oracle 1.7.0.151-1jpp.1.el7_3

RHEL: new java-1.7.1-ibm packages.
New packages are available:
  RHEL 6: java-1.7.1-ibm 1.7.1.4.10-1jpp.2.el6_9
  RHEL 7: java-1.7.1-ibm 1.7.1.4.10-1jpp.3.el7

RHEL: new java-1.8.0-ibm packages.
New packages are available:
  RHEL 6: java-1.8.0-ibm 1.8.0.4.10-1jpp.1.el6_9
  RHEL 7: java-1.8.0-ibm 1.8.0.4.10-1jpp.3.el7

RHEL: new java-1.8.0-openjdk packages.
New packages are available:
  RHEL 6: java-1.8.0-openjdk 1.8.0.141-2.b16.el6_9
  RHEL 7: java-1.8.0-openjdk 1.8.0.141-1.b16.el7_3

RHEL: new java-1.8.0-oracle packages.
New packages are available:
  RHEL 6: java-1.8.0-oracle 1.8.0.141-1jpp.1.el6
  RHEL 7: java-1.8.0-oracle 1.8.0.141-1jpp.1.el7_3

SUSE LE 12: new java-1_7_0-openjdk packages.
New packages are available:
  SUSE LE 12 RTM: java-1_7_0-openjdk 1.7.0.161-43.7.6
  SUSE LE 12 SP1: java-1_7_0-openjdk 1.7.0.161-43.7.6
  SUSE LE 12 SP2: java-1_7_0-openjdk 1.7.0.161-43.7.6
  SUSE LE 12 SP3: java-1_7_0-openjdk 1.7.0.161-43.7.6

SUSE LE 12: new java-1_8_0-ibm packages.
New packages are available:
  SUSE LE 12 SP1: java-1_8_0-ibm 1.8.0_sr4.10-30.5.1
  SUSE LE 12 SP2: java-1_8_0-ibm 1.8.0_sr4.10-30.5.1
  SUSE LE 12 SP3: java-1_8_0-ibm 1.8.0_sr4.10-30.5.1

SUSE LE 12: new java-1_8_0-openjdk packages.
New packages are available:
  SUSE LE 12 SP1: java-1_8_0-openjdk 1.8.0.144-27.5.3
  SUSE LE 12 SP2: java-1_8_0-openjdk 1.8.0.144-27.5.3
  SUSE LE 12 SP3: java-1_8_0-openjdk 1.8.0.144-27.5.3

SUSE LE: new java-1_7_1-ibm packages.
New packages are available:
  SUSE LE 11 SP4: java-1_7_1-ibm 1.7.1_sr4.10-26.5.1
  SUSE LE 12 RTM: java-1_7_1-ibm 1.7.1_sr4.10-38.5.1
  SUSE LE 12 SP1: java-1_7_1-ibm 1.7.1_sr4.10-38.5.1
  SUSE LE 12 SP2: java-1_7_1-ibm 1.7.1_sr4.10-38.5.1
  SUSE LE 12 SP3: java-1_7_1-ibm 1.7.1_sr4.10-38.5.1

Ubuntu 14.04: new openjdk-7-jre packages.
New packages are available:
  Ubuntu 14.04 LTS: openjdk-7-jre 7u151-2.6.11-0ubuntu1.14.04.1

Ubuntu: new openjdk-8-jdk packages.
New packages are available:
  Ubuntu 17.04: openjdk-8-jre 8u131-b11-2ubuntu1.17.04.3
  Ubuntu 16.04 LTS: openjdk-8-jre 8u131-b11-2ubuntu1.16.04.3

WebSphere Enterprise Service Bus: patch for WebSphere AS.
A patch is indicated in information sources.