IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jul 2018 – Includes Oracle Jul 2018 CPU affects DB2 Recovery Expert for Linux, Unix and Windows

There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 6, Version 7 ,version 8, that is used by DB2 Recovery Expert for Linux, Unix and Windows. These issues were disclosed as part of the IBM Java SDK updates in July 2018.

CVE(s): CVE-2016-0705, CVE-2017-3736, CVE-2017-3732, CVE-2018-2952, CVE-2018-1656, CVE-2018-12539

Affected product(s) and affected version(s):

DB2 Recovery Expert for LUW 5.1
DB2 Recovery Expert for LUW 5.1 Interim Fix 1 (IF1)
DB2 Recovery Expert for LUW 5.1.0.1 (also called 5.1 Fix Pack 1)
DB2 Recovery Expert for LUW 5.1.0.1 IF1
DB2 Recovery Expert for LUW 5.1.0.1 IF2
DB2 Recovery Expert for LUW 5.1.0.2 (also called 5.1 Fix Pack 2)
DB2 Recovery Expert for LUW 5.1.0.2 IF1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10964590
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111140
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/121313
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146815
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144882
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148389

The post IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jul 2018 – Includes Oracle Jul 2018 CPU affects DB2 Recovery Expert for Linux, Unix and Windows appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2ZgAux5