It looks to be specific to the IBM JDK only (OpenJDK/Oracle Java are not affected). A vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers was reported. [1] This flaw potentially allows an attacker to predict the output of the random number generator under certain circumstances. [1]: http://www.auscert.org.au/render.html?it=19629
IBM mentions the following workaround: "For CVE-2014-0878, use the IBMSecureRandom implementation from the IBMJCEFIPS cryptographic provider. Or, if using the IBMJCE cryptographic provider, use the SHA1PRNG or the DRBG family of secure random number generators. Or, if using the IBMSecureRandom cryptographic provider, use the SHA1PRNG secure random number generator." References: http://www-01.ibm.com/support/docview.wss?uid=swg21672043
Red Hat Enterprise Linux Supplementary updates to fixed IBM Java SE 5.0, 6, and 7 versions were released before this CVE was made public. The list of relevant errata can be found on the CVE page: https://access.redhat.com/security/cve/CVE-2014-0878
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Red Hat Network Satellite Server v 5.5 Red Hat Satellite Server v 5.6 Via RHSA-2014:0982 https://rhn.redhat.com/errata/RHSA-2014-0982.html