IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems, AIX-based, and Windows-based deployments.

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and 7, used by the OS Images for IBM PureApplication System. These issues were disclosed as part of the IBM Java SDK updates in Oct 2017.

CVE(s): CVE-2016-9841, CVE-2017-10356, CVE-2017-10388, CVE-2016-9843, CVE-2016-9842, CVE-2016-9840, CVE-2016-10165

Affected product(s) and affected version(s):

IBM PureApplication System V2.1.0.0
IBM PureApplication System V2.1.0.1
IBM PureApplication System V2.1.0.2
IBM PureApplication System V2.1.0.0
IBM PureApplication System V2.1.1.0
IBM PureApplication System V2.1.2.0
IBM PureApplication System V2.1.2.1
IBM PureApplication System V2.1.2.2
IBM PureApplication System V2.1.2.3
IBM PureApplication System V2.1.2.4
IBM PureApplication System V2.2.0.0
IBM PureApplication System V2.2.1.0
IBM PureApplication System V2.2.2.0
IBM PureApplication System V2.2.2.1
IBM PureApplication System V2.2.2.2
IBM PureApplication System V2.2.3.0
IBM PureApplication System V2.2.3.1
IBM PureApplication System V2.2.3.2
IBM PureApplication System V2.2.4.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22013703
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120509
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133813
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120511
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120510
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120508
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127028

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems, AIX-based, and Windows-based deployments. appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2o7sp9B