IC92756: SECURITY APAR CVE-2013-0440, CVE-2013-0443

 

APAR status

  • Closed as program error.

Error description

  • There is a potential security exposure when using IBM InfoSphere
    Streams, which is due to vulnerabilities in IBM Java SE Version
    6 SDK.  Vulnerabilities in the Java Runtime Environment (JRE)
    allow remote attackers to affect confidentiality, integrity, and
    availability. For additional information on specific
    vulnerabilities refer to the CVE references:
    CVE-2012-0440, CVE-2013-0443
    

Local fix

  • The recommended solution is to apply the IBM SDK for Linux Java
    SE Version 6 fix as soon as practical.  A patch for this APAR is
    available from Fix Central and is named
    1.2.1.0-Patch_for_IBM_Java6_SR13.
    

Problem summary

  • Apply 1.2.1.0-Patch_for_IBM_Java6_SR13
    

Problem conclusion

  • Apply 1.2.1.0-Patch_for_IBM_Java6_SR13
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC92756

  • Reported component name

    INFOSPHERE STRE

  • Reported component ID

    5724Y95IS

  • Reported release

    121

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-06-03

  • Closed date

    2013-06-12

  • Last modified date

    2013-06-12

  • APAR is sysrouted FROM one or more of the following:

    IC92753

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • Java
    

Fix information

  • Fixed component name

    INFOSPHERE STRE

  • Fixed component ID

    5724Y95IS

Applicable component levels

  • R121 PSY

       UP

Rate this page:

(0 users)Average rating

Document information


More support for:

InfoSphere Streams

Software version:

121

Reference #:

IC92756

Modified date:

2013-06-12

Translate my page

Machine Translation

Content navigation