IBM Support

IV70681: FIX SECURITY VULNERABILITY CVE-2015-0138

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
    .
    Stack Trace: N/A
    .
    

Local fix

Problem summary

  • A security vulnerability has been identified.
    

Problem conclusion

  • The Java Runtime Environment has been updated to fix the problem
    described in CVE-2015-0204 at
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204.
    .
    This APAR will be fixed in the following Java Releases:
       8    SR1       (8.0.1.0)
       7 R1 SR2 FP11  (7.1.2.11)
       7    SR9       (7.0.9.0)
       6 R1 SR8 FP4   (6.1.8.4)
       6    SR16 FP4  (6.0.16.4)
       5.0  SR16 FP10 (5.0.16.10)
    .
    Contact your IBM Product's Service Team for these Service
    Refreshes and Fix Packs.
    For those running stand-alone, information about the Service
    Refreshes and Fix Packs can be found at:
               https://www.ibm.com/developerworks/java/jdk/
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV70681

  • Reported component name

    SECURITY

  • Reported component ID

    620700125

  • Reported release

    270

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2015-03-07

  • Closed date

    2015-03-23

  • Last modified date

    2015-03-31

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IV70684

Fix information

  • Fixed component name

    SECURITY

  • Fixed component ID

    620700125

Applicable component levels

  • R270 PSY

       UP

  • R260 PSY

       UP

  • R600 PSY

       UP



Document information

More support for: Runtimes for Java Technology
Security

Software version: 270

Reference #: IV70681

Modified date: 31 March 2015


Translate this page: