Operating System:

[WIN][UNIX/Linux][MAC][RedHat]

Published:

12 February 2007

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ESB-2007.0081 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                ESB-2007.0081 -- [Win][UNIX/Linux][RedHat]
                 Critical: java-1.4.2-ibm security update
                             12 February 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              IBM JRE/JDK
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux Desktop 4
                      Red Hat Enterprise Linux AS/ES/WS 4
                      Red Hat Desktop 3
                      Red Hat Enterprise Linux AS/ES/WS 3
                      UNIX variants (UNIX, Linux, OSX)
                      Windows
                      Mac OS X
Impact:               Execute Arbitrary Code/Commands
                      Increased Privileges
                      Inappropriate Access
Access:               Remote/Unauthenticated
CVE Names:            CVE-2006-6745 CVE-2006-6737 CVE-2006-6736
                      CVE-2006-6731 CVE-2006-4339

Ref:                  ESB-2007.0041
                      AL-2006.0074
                      ESB-2006.0935

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0062.html
                      https://rhn.redhat.com/errata/RHSA-2007-0073.html

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Red Hat. It is recommended that administrators
         running IBM Java check for an updated version of the software for
         their operating system.
         
         Red Hat have also released updates fixing these same vulnerabilities
         in java-1.5.0-ibm for RHEL 4 Extras. To obtain these updates see:
         https://rhn.redhat.com/errata/RHSA-2007-0073.html

Revision History: February 12 2007: Red Hat releases java-1.5.0-ibm updates 
                                    for the same vulnerabilities
                  February  8 2007: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.4.2-ibm security update
Advisory ID:       RHSA-2007:0062-02
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0062.html
Issue date:        2007-02-07
Updated on:        2007-02-07
Product:           Red Hat Enterprise Linux Extras
CVE Names:         CVE-2006-4339 CVE-2006-6731 CVE-2006-6736 
                   CVE-2006-6737 CVE-2006-6745 
- - ---------------------------------------------------------------------

1. Summary:

Updated java-1.4.2-ibm packages to correct several security issues are now
available for Red Hat Enterprise Linux 3 and 4 Extras.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 Extras - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 3 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64

3. Problem description:

IBM's 1.4.2 SR7 Java release includes the IBM Java 2 Runtime Environment
and the IBM Java 2 Software Development Kit.

A number of security issues were found:

Vulnerabilities were discovered in the Java Runtime Environment.   An
untrusted applet could use these vulnerabilities to access data from other
applets. (CVE-2006-6736, CVE-2006-6737)

Serialization flaws were discovered in the Java Runtime Environment.  An
untrusted applet or application could use these flaws to elevate its
privileges.  (CVE-2006-6745)

Buffer overflow vulnerabilities were discovered in the Java Runtime
Environment.  An untrusted applet could use these flaws to elevate its
privileges, possibly reading and writing local files or executing local
applications.  (CVE-2006-6731)

Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures.
Where an RSA key with exponent 3 is used it may be possible for an attacker
to forge a PKCS #1 v1.5 signature that would be incorrectly verified by
implementations that do not check for excess data in the RSA exponentiation
result of the signature.  (CVE-2006-4339)

All users of java-1.4.2-ibm should upgrade to these updated packages, which
contain IBM's 1.4.2 SR7 Java release which resolves these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

226981 - CVE-2006-6736 Multiple JRE flaws (CVE-2006-6737 CVE-2006-6745 CVE-2006-6731 CVE-2006-4339)
226984 - CVE-2006-6736 Multiple JRE flaws (CVE-2006-6737 CVE-2006-6745 CVE-2006-6731 CVE-2006-4339)

6. RPMs required:

Red Hat Enterprise Linux AS version 3 Extras:

i386:
e7450b145da72cd7df3d7b9eabb672dc  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm
a0658fd7cf3543965f2b6a3ff7a675ae  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm
32f05440f20c1f7a45736beba22d7bd2  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm
8c664c87d87efd40e937b9ad2ae659d5  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm
9174b55fd33680c3eaa09c2def109753  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm
395153b4b890249469b8e1f18673f66d  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm

ia64:
9571ca41f69035894760e4e9e6de61a1  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ia64.rpm
6cce9e4c37e6bc1b52e2201bad040ac0  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ia64.rpm
e0dd38c2639885d1ccf964cf4e045289  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ia64.rpm
6e859d8ca4885c93cf08ff4d22e10b0f  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ia64.rpm

ppc:
69ded60046e91ba9348ccff2e52ebf17  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ppc.rpm
550284dbfa734add72eca30901d83c1f  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ppc.rpm
9aa5ee3ec845826d39af26f6883f3a1b  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ppc.rpm
244ca4300d6836baedda66db772fc496  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.ppc.rpm
c73781419d273f37f97d8ce82b311e06  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ppc.rpm

s390:
75cd8c41222044a08be04ee95cac3a69  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.s390.rpm
d9515b48f0e376124b95f863a0e119b1  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.s390.rpm
7ab30161aa45ba80855b0d2e076d26c7  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.s390.rpm
9e6b279d59ca128a8dbd13d3d606c9fe  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.s390.rpm
a4bb1c49be860aab8e93b19a8176ff6c  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.s390.rpm

s390x:
12c5031365228f5f19eee8a215ef9ee4  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.s390x.rpm
8409692fe20686679d58f612d717e40a  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.s390x.rpm
d2d32c3276a9c00ac4734a2a8f1ffb96  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.s390x.rpm
8a16cefe0fbb4f8247759f09cdcf6785  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.s390x.rpm

x86_64:
82547c355444694fd0b2b8dbb6287a12  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm
0d47bf67675dfee8814d9f5cbd430f35  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm
120deecf68b62f7263bcebbd65c6bd89  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm
7be9dc42fac394d88d3b0692e8b55d88  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm

Red Hat Desktop version 3 Extras:

i386:
e7450b145da72cd7df3d7b9eabb672dc  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm
a0658fd7cf3543965f2b6a3ff7a675ae  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm
32f05440f20c1f7a45736beba22d7bd2  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm
8c664c87d87efd40e937b9ad2ae659d5  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm
9174b55fd33680c3eaa09c2def109753  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm
395153b4b890249469b8e1f18673f66d  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm

x86_64:
82547c355444694fd0b2b8dbb6287a12  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm
0d47bf67675dfee8814d9f5cbd430f35  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm
120deecf68b62f7263bcebbd65c6bd89  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm
7be9dc42fac394d88d3b0692e8b55d88  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3 Extras:

i386:
e7450b145da72cd7df3d7b9eabb672dc  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm
a0658fd7cf3543965f2b6a3ff7a675ae  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm
32f05440f20c1f7a45736beba22d7bd2  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm
8c664c87d87efd40e937b9ad2ae659d5  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm
9174b55fd33680c3eaa09c2def109753  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm
395153b4b890249469b8e1f18673f66d  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm

ia64:
9571ca41f69035894760e4e9e6de61a1  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ia64.rpm
6cce9e4c37e6bc1b52e2201bad040ac0  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ia64.rpm
e0dd38c2639885d1ccf964cf4e045289  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ia64.rpm
6e859d8ca4885c93cf08ff4d22e10b0f  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ia64.rpm

x86_64:
82547c355444694fd0b2b8dbb6287a12  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm
0d47bf67675dfee8814d9f5cbd430f35  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm
120deecf68b62f7263bcebbd65c6bd89  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm
7be9dc42fac394d88d3b0692e8b55d88  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3 Extras:

i386:
e7450b145da72cd7df3d7b9eabb672dc  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm
a0658fd7cf3543965f2b6a3ff7a675ae  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm
32f05440f20c1f7a45736beba22d7bd2  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm
8c664c87d87efd40e937b9ad2ae659d5  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm
9174b55fd33680c3eaa09c2def109753  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm
395153b4b890249469b8e1f18673f66d  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm

ia64:
9571ca41f69035894760e4e9e6de61a1  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ia64.rpm
6cce9e4c37e6bc1b52e2201bad040ac0  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ia64.rpm
e0dd38c2639885d1ccf964cf4e045289  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ia64.rpm
6e859d8ca4885c93cf08ff4d22e10b0f  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ia64.rpm

x86_64:
82547c355444694fd0b2b8dbb6287a12  java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm
0d47bf67675dfee8814d9f5cbd430f35  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm
120deecf68b62f7263bcebbd65c6bd89  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm
7be9dc42fac394d88d3b0692e8b55d88  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4 Extras:

i386:
b7264df6d752971972379c417acdd542  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm
c74450baebca6f946e30e75f38675e15  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm
5e28c4902e574860651c603b26f8e437  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm
130198d2be48375779e309cd7aa9ddcd  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm
76f4fe9ec6e40c550d04ba215b56649a  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm
06f53b5223f6cb0989eb6d2c1c709ace  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm
3937cebe4d2430437d8376c071ff3f6e  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm

ia64:
91095470fd69f0f9d7632236120e7d0a  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ia64.rpm
971f88fbd24d4bc41f20291aa4386347  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ia64.rpm
40425175a220f0f780eb5dca44dfa55e  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ia64.rpm
753c21317025a630423d2c205968c1ea  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ia64.rpm

ppc:
d6df0373e049ef2b4603b7ae51d133a3  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ppc.rpm
b2c6b236dafbb63472bd3fce88593fb6  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ppc.rpm
09c905c7b0997db62830bc2cb0c087f4  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ppc.rpm
2d75e1570dcf7d9bd40ade448a652583  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.ppc.rpm
c0a9a08712bc162e66ecd4c21962c083  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.ppc.rpm
6fb51c79625fc5e7d2e0657211dc372c  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ppc.rpm

s390:
1047e8cd790022fb4d4a9e4e51689d89  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.s390.rpm
cbf3ee99f0d886ee7b286bfc327fa33e  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.s390.rpm
f5bd779019897c4d7acaca6db3ec3ddf  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.s390.rpm
e85b10f20043b11acc4143dfb23da242  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.s390.rpm
9f86a4f4e4a7d0a774e3e720c2a3ebfb  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.s390.rpm

s390x:
c5d86501250a1bc8626b1a9840f2ef0a  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.s390x.rpm
d900d6335508f7ec99262ad8e76b35dc  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.s390x.rpm
5e0d2f22106c6737eba6ebed99ed63b4  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.s390x.rpm
c5f5a4b28adf551cffc4a3872b65420c  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.s390x.rpm

x86_64:
e0efba6fedf580dc163d3363f1f58f9d  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm
7d2ea6f7b85d9b6679418735388463bd  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm
04ca69cd86facb7e6da94dca5f7c4741  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm
6686e763dbe66aa089d9f5952af474af  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm
e6ac211159748fac80c30ea6838b769a  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:

i386:
b7264df6d752971972379c417acdd542  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm
c74450baebca6f946e30e75f38675e15  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm
5e28c4902e574860651c603b26f8e437  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm
130198d2be48375779e309cd7aa9ddcd  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm
76f4fe9ec6e40c550d04ba215b56649a  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm
06f53b5223f6cb0989eb6d2c1c709ace  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm
3937cebe4d2430437d8376c071ff3f6e  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm

x86_64:
e0efba6fedf580dc163d3363f1f58f9d  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm
7d2ea6f7b85d9b6679418735388463bd  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm
04ca69cd86facb7e6da94dca5f7c4741  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm
6686e763dbe66aa089d9f5952af474af  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm
e6ac211159748fac80c30ea6838b769a  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
b7264df6d752971972379c417acdd542  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm
c74450baebca6f946e30e75f38675e15  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm
5e28c4902e574860651c603b26f8e437  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm
130198d2be48375779e309cd7aa9ddcd  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm
76f4fe9ec6e40c550d04ba215b56649a  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm
06f53b5223f6cb0989eb6d2c1c709ace  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm
3937cebe4d2430437d8376c071ff3f6e  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm

ia64:
91095470fd69f0f9d7632236120e7d0a  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ia64.rpm
971f88fbd24d4bc41f20291aa4386347  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ia64.rpm
40425175a220f0f780eb5dca44dfa55e  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ia64.rpm
753c21317025a630423d2c205968c1ea  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ia64.rpm

x86_64:
e0efba6fedf580dc163d3363f1f58f9d  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm
7d2ea6f7b85d9b6679418735388463bd  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm
04ca69cd86facb7e6da94dca5f7c4741  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm
6686e763dbe66aa089d9f5952af474af  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm
e6ac211159748fac80c30ea6838b769a  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
b7264df6d752971972379c417acdd542  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm
c74450baebca6f946e30e75f38675e15  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm
5e28c4902e574860651c603b26f8e437  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm
130198d2be48375779e309cd7aa9ddcd  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm
76f4fe9ec6e40c550d04ba215b56649a  java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm
06f53b5223f6cb0989eb6d2c1c709ace  java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm
3937cebe4d2430437d8376c071ff3f6e  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm

ia64:
91095470fd69f0f9d7632236120e7d0a  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ia64.rpm
971f88fbd24d4bc41f20291aa4386347  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ia64.rpm
40425175a220f0f780eb5dca44dfa55e  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ia64.rpm
753c21317025a630423d2c205968c1ea  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ia64.rpm

x86_64:
e0efba6fedf580dc163d3363f1f58f9d  java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm
7d2ea6f7b85d9b6679418735388463bd  java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm
04ca69cd86facb7e6da94dca5f7c4741  java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm
6686e763dbe66aa089d9f5952af474af  java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm
e6ac211159748fac80c30ea6838b769a  java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6745
http://www-128.ibm.com/developerworks/java/jdk/alerts/
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFFyi+8XlSAg2UNWIIRAqxmAJ9kUQbmruGzvYg2ETmG7UpixwOqfACgwsU5
OaUT+XxVODUOQakqcyikbH4=
=t+i5
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRc/cQSh9+71yA2DNAQK1pQQAmerliSV0euZ7nvq2yTK+SgZl7LE1p+hj
e/YGsDrGqYtjdwYpECNjpTHiMv1YnFlwuG6c6wS2mxWGHOHdsOdVzCY1CLhTaEOT
904IToWQVipfc0zVkZ6JZKkO6Yo7H+GGBsN1GNp6ISZyaztyfiuqBvO4tnTyRkM6
FvHMB0QyB24=
=NePj
-----END PGP SIGNATURE-----