Operating System:

[RedHat]

Published:

18 December 2012

Protect yourself against future threats.

//Service

Phishing Take-Down

Drawing on our strong international CERT relationships we have a high success rate in delivering phishing take-downs.

Read more
Resources > Security Bulletins > ESB-2012.1200 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.1200
            Moderate: java-1.4.2-ibm-sap End of Support Notice
                             18 December 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           java-1.4.2-ibm-sap
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 5
                   Red Hat Enterprise Linux Server 6
Impact/Access:     Reduced Security -- Unknown/Unspecified
Resolution:        Patch/Upgrade

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2012-1577.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.4.2-ibm-sap End of Support Notice
Advisory ID:       RHSA-2012:1577-01
Product:           RHEL for SAP
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2012-1577.html
Issue date:        2012-12-17
=====================================================================

1. Summary:

The java-1.4.2-ibm-sap packages shipped in the Red Hat Enterprise Linux 5
and 6 for SAP RHN repositories are no longer supported for SAP products. As
a result, these packages will no longer be updated and may contain security
flaws. Users are advised to migrate to the supported version of SAP
certified Java.

2. Relevant releases/architectures:

RHEL 5 Server for SAP - x86_64
Red Hat Enterprise Linux SAP (v. 6) - x86_64

3. Description:

IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the
IBM Java Software Development Kit.

As of October 1 2012, IBM J2SE 1.4.2 is no longer supported for use with
SAP products. All SAP users should migrate to SAP JVM 4 provided by SAP as
the only supported Java Virtual Machine. Refer to "SAP Note 1495160 - SAP
JVM replacement for Partner JDKs 1.4.2" for additional details.

These java-1.4.2-ibm-sap packages provide the last SAP certified IBM J2SE
1.4.2 release, SR13-FP13.

4. Solution:

This erratum contains java-1.4.2-ibm-sap packages with updated version
numbers to ensure the distribution of this notice; however, no changes have
been made to the packages.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Package List:

RHEL 5 Server for SAP:

x86_64:
java-1.4.2-ibm-sap-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm
java-1.4.2-ibm-sap-demo-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm
java-1.4.2-ibm-sap-devel-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm
java-1.4.2-ibm-sap-javacomm-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm
java-1.4.2-ibm-sap-src-1.4.2.13.13.sap-1jpp.4.el5.x86_64.rpm

Red Hat Enterprise Linux SAP (v. 6):

x86_64:
java-1.4.2-ibm-sap-1.4.2.13.13.sap-1jpp.4.el6.x86_64.rpm
java-1.4.2-ibm-sap-devel-1.4.2.13.13.sap-1jpp.4.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

6. References:

https://access.redhat.com/security/updates/classification/#moderate
http://www.ibm.com/developerworks/java/jdk/alerts/
http://scn.sap.com/docs/DOC-1124

7. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFQz4kBXlSAg2UNWIIRAhnEAJsEYctXKpM8EIH45OHoUyG73mBhQACgp01o
izDrextL/palLEa6uB+GIZU=
=C0EZ
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUNAa6e4yVqjM2NGpAQK8EhAAtTU8RQ+e5Ika0z35futKztvDQU36BFKM
JFKUXaDj7cxFUqPr0hXxNo4nk1eRvHdvSt+QjJy10X+6ZFPBTiLLlvmokowF0aqX
D0dk+M2CRWwPekxTqA+PmIyIT1ARdpoIuwbUilpFu9NiA428H0Lra2MkNDOB0uIH
9y24vmD1SIpIG89n6VXhcLTaAIIaT+ygjPtR1k7UugdVsO8lcwrm/hfIZdbpKBTZ
8+o/98l3McAOQdNt+vine+gZOGOwThy2NoEwa8LNcB01NjGDb6LeARjMSUahWRt4
Sk6CGIqie6GWzWijmojHZtdnac+tVzmrSTaHb8624EjtbciNbxlsf+pyBAPF8ZXb
pYZgG7zHSezJZj/0BALlJR7jhSba6PClsts4bjiAdBo3qysmNLKtabeOduYFJv1K
OAlA3MQfGh5QFd+XWsK1z7W3AClzQyZmpxNOzCoqO75reZjXd9tTWoKckBg1XaMn
ys69i+XBXtzFWiuEb1vpOQzeUHb+1evgjD3ACW7YJTcOZFjKdnlDFe597gFpdQVP
/P0wt1kTpCaYyblhrwub3z3TZ3mdJykbp1XCfNtgh3XAAVPd49zMIDTKuu+TaL2B
+0Agp7s+VYMP9v30LUFN5XD+nRsD7vf6+5O6kC3e2AkQAZKdZa1pmQiuoJhzZNpu
7G00YmMuZRc=
=PrEX
-----END PGP SIGNATURE-----