This IBM Java 1.7.0 SR9 FP40 release fixes the following issues:
Security issues fixed: - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426