Oval Definition:oval:org.opensuse.security:def:100433
Revision Date:2022-03-14Version:1
Title: (Moderate)
Description:

This update for java-11-openjdk fixes the following issues:

- CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. (bnc#1194926) - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. (bnc#1194930) - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT TransformerImpl. (bnc#1194933) - CVE-2022-21283: Fixed unexpected exception thrown in regex Pattern. (bnc#1194937) - CVE-2022-21291: Fixed Incorrect marking of writeable fields. (bnc#1194925) - CVE-2022-21293: Fixed Incomplete checks of StringBuffer and StringBuilder during deserialization. (bnc#1194935) - CVE-2022-21294: Fixed Incorrect IdentityHashMap size checks during deserialization. (bnc#1194934) - CVE-2022-21296: Fixed Incorrect access checks in XMLEntityManager. (bnc#1194932) - CVE-2022-21299: Fixed Infinite loop related to incorrect handling of newlines in XMLEntityScanner. (bnc#1194931) - CVE-2022-21305: Fixed Array indexing issues in LIRGenerator. (bnc#1194939) - CVE-2022-21340: Fixed Excessive resource use when reading JAR manifest attributes. (bnc#1194940) - CVE-2022-21341: Fixed OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream. (bnc#1194941) - CVE-2022-21360: Fixed Excessive memory allocation in BMPImageReader. (bnc#1194929) - CVE-2022-21365: Fixed Integer overflow in BMPImageReader. (bnc#1194928) - CVE-2022-21366: Fixed Excessive memory allocation in TIFF*Decompressor. (bnc#1194927)
Family:unixClass:patch
Status:Reference(s):1194925
1194926
1194927
1194928
1194929
1194930
1194931
1194932
1194933
1194934
1194935
1194937
1194939
1194940
1194941
CVE-2009-5029
CVE-2009-5064
CVE-2010-3192
CVE-2012-3406
CVE-2012-4412
CVE-2013-0242
CVE-2013-1914
CVE-2013-2207
CVE-2013-4237
CVE-2013-4332
CVE-2013-4458
CVE-2013-7423
CVE-2014-0475
CVE-2014-4043
CVE-2014-5119
CVE-2014-6040
CVE-2014-7817
CVE-2014-8121
CVE-2014-9402
CVE-2014-9761
CVE-2015-1472
CVE-2015-1473
CVE-2015-1781
CVE-2015-5180
CVE-2015-7547
CVE-2015-8776
CVE-2015-8777
CVE-2015-8778
CVE-2015-8779
CVE-2016-1234
CVE-2016-3075
CVE-2016-3706
CVE-2016-4429
CVE-2016-5417
CVE-2016-6323
CVE-2017-1000366
CVE-2017-1000408
CVE-2017-1000409
CVE-2017-12132
CVE-2017-12133
CVE-2017-15670
CVE-2017-15671
CVE-2017-15804
CVE-2017-16997
CVE-2017-17426
CVE-2018-1000001
CVE-2018-6485
CVE-2018-6551
CVE-2022-21248
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366
Platform(s):Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM is installed
  • AND Package Information
  • java-11-openjdk-11.0.14.0-3.74.2 is installed
  • OR java-11-openjdk-headless-11.0.14.0-3.74.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • glibc-32bit-2.26-8.21 is installed
  • OR glibc-locale-32bit-2.26-8.21 is installed
    • BACK