IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Java SE issues disclosed in the Oracle July 2019 Critical Patch Update, plus four additional vulnerabilities

CVE(s): CVE-2019-7317, CVE-2019-2769, CVE-2019-2762, CVE-2019-2816, CVE-2019-2786, CVE-2019-2766, CVE-2019-11772, CVE-2019-11775, CVE-2019-4473, CVE-2019-11771

Affected product(s) and affected version(s):
IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 45 and earlier releases
IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 4 Fix Pack 45 and earlier releases
IBM SDK, Java Technology Edition, Version 8 Service Refresh 5 Fix Pack 37 and earlier releases

For detailed information on which CVEs affect which releases, please refer to the IBM SDK, Java Technology Edition Security Vulnerabilities page.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10960422
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156548
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163832
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163826
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163878
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163849
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163829
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163990
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164479
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989

The post IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2MANuH8