Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2012.1200 Moderate: java-1.4.2-ibm-sap End of Support Notice 18 December 2012 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: java-1.4.2-ibm-sap Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 5 Red Hat Enterprise Linux Server 6 Impact/Access: Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade Original Bulletin: https://rhn.redhat.com/errata/RHSA-2012-1577.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: java-1.4.2-ibm-sap End of Support Notice Advisory ID: RHSA-2012:1577-01 Product: RHEL for SAP Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1577.html Issue date: 2012-12-17 ===================================================================== 1. Summary: The java-1.4.2-ibm-sap packages shipped in the Red Hat Enterprise Linux 5 and 6 for SAP RHN repositories are no longer supported for SAP products. As a result, these packages will no longer be updated and may contain security flaws. Users are advised to migrate to the supported version of SAP certified Java. 2. Relevant releases/architectures: RHEL 5 Server for SAP - x86_64 Red Hat Enterprise Linux SAP (v. 6) - x86_64 3. Description: IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. As of October 1 2012, IBM J2SE 1.4.2 is no longer supported for use with SAP products. All SAP users should migrate to SAP JVM 4 provided by SAP as the only supported Java Virtual Machine. Refer to "SAP Note 1495160 - SAP JVM replacement for Partner JDKs 1.4.2" for additional details. These java-1.4.2-ibm-sap packages provide the last SAP certified IBM J2SE 1.4.2 release, SR13-FP13. 4. Solution: This erratum contains java-1.4.2-ibm-sap packages with updated version numbers to ensure the distribution of this notice; however, no changes have been made to the packages. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Package List: RHEL 5 Server for SAP: x86_64: java-1.4.2-ibm-sap-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm java-1.4.2-ibm-sap-demo-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm java-1.4.2-ibm-sap-devel-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm java-1.4.2-ibm-sap-javacomm-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm java-1.4.2-ibm-sap-src-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm Red Hat Enterprise Linux SAP (v. 6): x86_64: java-1.4.2-ibm-sap-1.4.2.13.13.sap-1jpp.4.el6.x86_64.rpm java-1.4.2-ibm-sap-devel-1.4.2.13.13.sap-1jpp.4.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 6. References: https://access.redhat.com/security/updates/classification/#moderate http://www.ibm.com/developerworks/java/jdk/alerts/ http://scn.sap.com/docs/DOC-1124 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQz4kBXlSAg2UNWIIRAhnEAJsEYctXKpM8EIH45OHoUyG73mBhQACgp01o izDrextL/palLEa6uB+GIZU= =C0EZ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUNAa6e4yVqjM2NGpAQK8EhAAtTU8RQ+e5Ika0z35futKztvDQU36BFKM JFKUXaDj7cxFUqPr0hXxNo4nk1eRvHdvSt+QjJy10X+6ZFPBTiLLlvmokowF0aqX D0dk+M2CRWwPekxTqA+PmIyIT1ARdpoIuwbUilpFu9NiA428H0Lra2MkNDOB0uIH 9y24vmD1SIpIG89n6VXhcLTaAIIaT+ygjPtR1k7UugdVsO8lcwrm/hfIZdbpKBTZ 8+o/98l3McAOQdNt+vine+gZOGOwThy2NoEwa8LNcB01NjGDb6LeARjMSUahWRt4 Sk6CGIqie6GWzWijmojHZtdnac+tVzmrSTaHb8624EjtbciNbxlsf+pyBAPF8ZXb pYZgG7zHSezJZj/0BALlJR7jhSba6PClsts4bjiAdBo3qysmNLKtabeOduYFJv1K OAlA3MQfGh5QFd+XWsK1z7W3AClzQyZmpxNOzCoqO75reZjXd9tTWoKckBg1XaMn ys69i+XBXtzFWiuEb1vpOQzeUHb+1evgjD3ACW7YJTcOZFjKdnlDFe597gFpdQVP /P0wt1kTpCaYyblhrwub3z3TZ3mdJykbp1XCfNtgh3XAAVPd49zMIDTKuu+TaL2B +0Agp7s+VYMP9v30LUFN5XD+nRsD7vf6+5O6kC3e2AkQAZKdZa1pmQiuoJhzZNpu 7G00YmMuZRc= =PrEX -----END PGP SIGNATURE-----