IBM JDK updates 7R1 SR2-FP10, 7 SR8-FP10, 6R1 SR8-FP3, 6 SR16-FP3 and 5.0 SR16-FP9 correct an unspecified vulnerability identified using CVE-2014-8892. Upstream has rated this issue with CVSSv2 score of 4.3 (no vector provided). http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_February_2015 Further details of the issue should be made available via the following link: http://www.ibm.com/support/docview.wss?uid=swg21695747
The above URL still does not work, but the security bulletin is now available via the following URL: https://www-304.ibm.com/support/docview.wss?uid=swg21695474 It provides the following information for this issue: A vulnerability in the IBM implementation of the Java Virtual Machine may, under very limited circumstances, allow untrusted code running under a security manager to bypass permission checks and view sensitive information. http://xforce.iss.net/xforce/xfdb/99011 There's currently only a blank page served on the xforce URL.
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2015:0136 https://rhn.redhat.com/errata/RHSA-2015-0136.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2015:0135 https://rhn.redhat.com/errata/RHSA-2015-0135.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2015:0134 https://rhn.redhat.com/errata/RHSA-2015-0134.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 7 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2015:0133 https://rhn.redhat.com/errata/RHSA-2015-0133.html
This issue has been addressed in the following products: Red Hat Satellite Server v 5.7 Via RHSA-2015:0263 https://rhn.redhat.com/errata/RHSA-2015-0263.html
This issue has been addressed in the following products: Red Hat Satellite Server v 5.6 Via RHSA-2015:0264 https://rhn.redhat.com/errata/RHSA-2015-0264.html