VOOZH about

URL: https://www.ibm.com/support/pages/apar/IV70681

⇱ IV70681: FIX SECURITY VULNERABILITY CVE-2015-0138

IV70681: FIX SECURITY VULNERABILITY CVE-2015-0138

Direct links to fixes

8.0.1.2-ISS-ISAM-IF0001
PI37006: SHIP JAVA 6/26 SR8 FP3 + IV69354+IV69616+IV68447+IV70681 FOR WAS 8555
PI37009: SHIP JAVA 6/26 SR8 FP2 + IV68447+IV69354+IV66608+IV66375+IX90155+IV66944+IV66991+IV70681 for WAS 8554
PI37005: SHIP JAVA 7 SR8 FP10 +IV69419+IV68447+IV70681 FOR WAS 8555
PI37010: SHIP JAVA 6/26 SR8 FP2 + IV68447+IV69354+IV66608+IV66375+IX90155+IV66944+IV66991+IV70681
PI37004: SHIP JAVA 7.1 SR2 FP10 + IV70681 FOR WAS 8555
PI37013: SHIP JAVA 6 SR16 FP3 + IV69354+IV70681 FOR WAS 70037
PI37014: SHIP JAVA 6 SR16 FP1 + IV64658+IV64659+IV70681 FOR WAS 70035
PI37008: Ship Java 7 SR8 + IV66608+IV66375+IX90155+IV66944+IV66991+IV70681 for WAS 8554
PI37007: SHIP JAVA 7.1 SR2+IV66608+IV66375+IV66944+IV70681 FOR WAS 8554
PI37011: SHIP JAVA 6/26 SR8 + IX90144+IV70681 FOR WAS 8009
PI38186: Ship Java 6/26 SR8 FP3 +IV69354+IV69616+IV68447+IV70681 for WAS800x
PI37003: Ship Java 8 + IV69417 + IV69419 + IV69509 + IV70681 for WAS 8555
PI42772:

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
.
Stack Trace: N/A
.

Local fix



Problem summary


    

  • A security vulnerability has been identified.



Problem conclusion


    

  • The Java Runtime Environment has been updated to fix the problem
described in CVE-2015-0204 at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204.
.
This APAR will be fixed in the following Java Releases:
 8 SR1 (8.0.1.0)
 7 R1 SR2 FP11 (7.1.2.11)
 7 SR9 (7.0.9.0)
 6 R1 SR8 FP4 (6.1.8.4)
 6 SR16 FP4 (6.0.16.4)
 5.0 SR16 FP10 (5.0.16.10)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the Service
Refreshes and Fix Packs can be found at:
 https://www.ibm.com/developerworks/java/jdk/



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IV70681
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2015-03-07
    • 

  • Closed date
    2015-03-23
    • 

  • Last modified date
    2015-03-31
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
IV70684
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels


    

  • R270 PSY
       UP
    • 

  • R260 PSY
       UP
    • 

  • R600 PSY
       UP
    • 







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 08 January 2022