IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR14 release. All running instances of IBM Java must be restarted for the update to take effect.
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=975146
hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/8dd8266a2f4b
lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
marc.info/?l=bugtraq&m=137545592101387&w=2
rhn.redhat.com/errata/RHSA-2013-0963.html
rhn.redhat.com/errata/RHSA-2013-1059.html
rhn.redhat.com/errata/RHSA-2013-1060.html
rhn.redhat.com/errata/RHSA-2013-1455.html
rhn.redhat.com/errata/RHSA-2013-1456.html
secunia.com/advisories/54154
security.gentoo.org/glsa/glsa-201406-32.xml
www-01.ibm.com/support/docview.wss?uid=swg21642336
www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
www.securityfocus.com/bid/60625
www.us-cert.gov/ncas/alerts/TA13-169A
access.redhat.com/errata/RHSA-2014:0414
access.redhat.com/security/cve/CVE-2013-3009
access.redhat.com/security/cve/CVE-2013-3011
access.redhat.com/security/cve/CVE-2013-3012
access.redhat.com/security/cve/CVE-2013-4002
access.redhat.com/security/updates/classification/#critical
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17265
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19535
rhn.redhat.com/errata/RHSA-2013-1059.html
www.ibm.com/developerworks/java/jdk/alerts/