Oval Definition:oval:org.opensuse.security:def:52112
Revision Date:2020-12-01Version:1
Title:Security update for java-11-openjdk (Important)
Description:

This update for java-11-openjdk fixes the following issues:

Java was updated to jdk-11.0.7+10 (April 2020 CPU, bsc#1169511).

Security issues fixed:

- CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2755: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2756: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2757: Fixed an object deserialization issue that could have resulted in denial of service via crafted serialized input (bsc#1169511). - CVE-2020-2767: Fixed an incorrect handling of certificate messages during TLS handshakes (bsc#1169511). - CVE-2020-2773: Fixed the incorrect handling of exceptions thrown by unmarshalKeyInfo() and unmarshalXMLSignature() (bsc#1169511). - CVE-2020-2778: Fixed the incorrect handling of SSLParameters in setAlgorithmConstraints(), which could have been abused to override the defined systems security policy and lead to the use of weak crypto algorithms (bsc#1169511). - CVE-2020-2781: Fixed the incorrect re-use of single null TLS sessions (bsc#1169511). - CVE-2020-2800: Fixed an HTTP header injection issue caused by mishandling of CR/LF in header values (bsc#1169511). - CVE-2020-2803: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511). - CVE-2020-2805: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511). - CVE-2020-2816: Fixed an incorrect handling of application data packets during TLS handshakes (bsc#1169511). - CVE-2020-2830: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511).
Family:unixClass:patch
Status:Reference(s):1140844
1141320
1144524
1146848
1152990
1152992
1152994
1152995
1154063
1155419
1160471
1160850
1160852
1160888
1162396
1164804
1166847
1167462
1169511
1170441
1173274
1178387
CVE-2010-1205
CVE-2010-2935
CVE-2010-2936
CVE-2011-1898
CVE-2011-2501
CVE-2011-3026
CVE-2011-3045
CVE-2011-3048
CVE-2011-3177
CVE-2012-0029
CVE-2012-0217
CVE-2012-1152
CVE-2012-2369
CVE-2012-2625
CVE-2012-3386
CVE-2012-3432
CVE-2012-3433
CVE-2012-4411
CVE-2012-4535
CVE-2012-4536
CVE-2012-4537
CVE-2012-4538
CVE-2012-4539
CVE-2012-4544
CVE-2012-5510
CVE-2012-5511
CVE-2012-5513
CVE-2012-5514
CVE-2012-5515
CVE-2012-5525
CVE-2012-5634
CVE-2012-6075
CVE-2012-6708
CVE-2013-0151
CVE-2013-0152
CVE-2013-0153
CVE-2013-1442
CVE-2013-1917
CVE-2013-1918
CVE-2013-1919
CVE-2013-1922
CVE-2013-1952
CVE-2013-2007
CVE-2013-3495
CVE-2013-4355
CVE-2013-4356
CVE-2013-4361
CVE-2013-4375
CVE-2013-4416
CVE-2013-4494
CVE-2013-4540
CVE-2013-4551
CVE-2013-4553
CVE-2013-4554
CVE-2013-6393
CVE-2013-7353
CVE-2013-7354
CVE-2014-0247
CVE-2014-2525
CVE-2014-3124
CVE-2014-3524
CVE-2014-3575
CVE-2014-3693
CVE-2014-6268
CVE-2014-7154
CVE-2014-7155
CVE-2014-7156
CVE-2014-7188
CVE-2014-8146
CVE-2014-8147
CVE-2014-8962
CVE-2014-9028
CVE-2014-9093
CVE-2014-9130
CVE-2015-4551
CVE-2015-5212
CVE-2015-5213
CVE-2015-5214
CVE-2015-7981
CVE-2015-8126
CVE-2015-8833
CVE-2015-9251
CVE-2017-7467
CVE-2019-13456
CVE-2019-14902
CVE-2019-14907
CVE-2019-15681
CVE-2019-15690
CVE-2019-15845
CVE-2019-16201
CVE-2019-16254
CVE-2019-16255
CVE-2019-17185
CVE-2019-19344
CVE-2019-20788
CVE-2020-14422
CVE-2020-25692
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2767
CVE-2020-2773
CVE-2020-2778
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2816
CVE-2020-2830
CVE-2020-8130
SUSE-SU-2020:0223-1
SUSE-SU-2020:0737-1
SUSE-SU-2020:1023-1
SUSE-SU-2020:1164-1
SUSE-SU-2020:1822-1
SUSE-SU-2020:2583-1
SUSE-SU-2020:3313-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libmysqld19-10.2.14-lp150.1 is installed
  • OR mariadb-10.2.14-lp150.1 is installed
  • OR mariadb-client-10.2.14-lp150.1 is installed
  • OR mariadb-errormessages-10.2.14-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libmysql55client18-5.5.39-0.7 is installed
  • OR libmysql55client18-32bit-5.5.39-0.7 is installed
  • OR libmysql55client_r18-5.5.39-0.7 is installed
  • OR libmysql55client_r18-32bit-5.5.39-0.7 is installed
  • OR libmysqlclient15-5.0.96-0.6 is installed
  • OR libmysqlclient15-32bit-5.0.96-0.6 is installed
  • OR libmysqlclient_r15-5.0.96-0.6 is installed
  • OR libmysqlclient_r15-32bit-5.0.96-0.6 is installed
  • OR mysql-5.5.39-0.7 is installed
  • OR mysql-client-5.5.39-0.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • xen-4.4.3_02-26 is installed
  • OR xen-doc-html-4.4.3_02-26 is installed
  • OR xen-kmp-default-4.4.3_02_3.0.101_65-26 is installed
  • OR xen-kmp-pae-4.4.3_02_3.0.101_65-26 is installed
  • OR xen-libs-4.4.3_02-26 is installed
  • OR xen-libs-32bit-4.4.3_02-26 is installed
  • OR xen-tools-4.4.3_02-26 is installed
  • OR xen-tools-domU-4.4.3_02-26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • xen-4.4.1_06-2 is installed
  • OR xen-kmp-default-4.4.1_06_k3.12.28_4-2 is installed
  • OR xen-libs-4.4.1_06-2 is installed
  • OR xen-libs-32bit-4.4.1_06-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libreoffice-5.0.2.2-13 is installed
  • OR libreoffice-base-5.0.2.2-13 is installed
  • OR libreoffice-base-drivers-mysql-5.0.2.2-13 is installed
  • OR libreoffice-base-drivers-postgresql-5.0.2.2-13 is installed
  • OR libreoffice-calc-5.0.2.2-13 is installed
  • OR libreoffice-calc-extensions-5.0.2.2-13 is installed
  • OR libreoffice-draw-5.0.2.2-13 is installed
  • OR libreoffice-filters-optional-5.0.2.2-13 is installed
  • OR libreoffice-gnome-5.0.2.2-13 is installed
  • OR libreoffice-icon-theme-tango-5.0.2.2-13 is installed
  • OR libreoffice-impress-5.0.2.2-13 is installed
  • OR libreoffice-l10n-af-5.0.2.2-13 is installed
  • OR libreoffice-l10n-ar-5.0.2.2-13 is installed
  • OR libreoffice-l10n-ca-5.0.2.2-13 is installed
  • OR libreoffice-l10n-cs-5.0.2.2-13 is installed
  • OR libreoffice-l10n-da-5.0.2.2-13 is installed
  • OR libreoffice-l10n-de-5.0.2.2-13 is installed
  • OR libreoffice-l10n-en-5.0.2.2-13 is installed
  • OR libreoffice-l10n-es-5.0.2.2-13 is installed
  • OR libreoffice-l10n-fi-5.0.2.2-13 is installed
  • OR libreoffice-l10n-fr-5.0.2.2-13 is installed
  • OR libreoffice-l10n-gu-5.0.2.2-13 is installed
  • OR libreoffice-l10n-hi-5.0.2.2-13 is installed
  • OR libreoffice-l10n-hu-5.0.2.2-13 is installed
  • OR libreoffice-l10n-it-5.0.2.2-13 is installed
  • OR libreoffice-l10n-ja-5.0.2.2-13 is installed
  • OR libreoffice-l10n-ko-5.0.2.2-13 is installed
  • OR libreoffice-l10n-nb-5.0.2.2-13 is installed
  • OR libreoffice-l10n-nl-5.0.2.2-13 is installed
  • OR libreoffice-l10n-nn-5.0.2.2-13 is installed
  • OR libreoffice-l10n-pl-5.0.2.2-13 is installed
  • OR libreoffice-l10n-pt-BR-5.0.2.2-13 is installed
  • OR libreoffice-l10n-pt-PT-5.0.2.2-13 is installed
  • OR libreoffice-l10n-ru-5.0.2.2-13 is installed
  • OR libreoffice-l10n-sk-5.0.2.2-13 is installed
  • OR libreoffice-l10n-sv-5.0.2.2-13 is installed
  • OR libreoffice-l10n-xh-5.0.2.2-13 is installed
  • OR libreoffice-l10n-zh-Hans-5.0.2.2-13 is installed
  • OR libreoffice-l10n-zh-Hant-5.0.2.2-13 is installed
  • OR libreoffice-l10n-zu-5.0.2.2-13 is installed
  • OR libreoffice-mailmerge-5.0.2.2-13 is installed
  • OR libreoffice-math-5.0.2.2-13 is installed
  • OR libreoffice-officebean-5.0.2.2-13 is installed
  • OR libreoffice-pyuno-5.0.2.2-13 is installed
  • OR libreoffice-writer-5.0.2.2-13 is installed
  • OR libreoffice-writer-extensions-5.0.2.2-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libpng12-0-1.2.50-13 is installed
  • OR libpng12-0-32bit-1.2.50-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libFLAC++6-1.3.0-11 is installed
  • OR libFLAC++6-32bit-1.3.0-11 is installed
  • OR libFLAC8-1.3.0-11 is installed
  • OR libFLAC8-32bit-1.3.0-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gstreamer-plugins-good-1.8.3-15 is installed
  • OR gstreamer-plugins-good-lang-1.8.3-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • java-11-openjdk-11.0.7.0-3.42 is installed
  • OR java-11-openjdk-accessibility-11.0.7.0-3.42 is installed
  • OR java-11-openjdk-javadoc-11.0.7.0-3.42 is installed
  • OR java-11-openjdk-jmods-11.0.7.0-3.42 is installed
  • OR java-11-openjdk-src-11.0.7.0-3.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • ecryptfs-utils-103-7 is installed
  • OR ecryptfs-utils-32bit-103-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • ctdb-4.2.4-28.29 is installed
  • OR libdcerpc-binding0-4.2.4-28.29 is installed
  • OR libdcerpc-binding0-32bit-4.2.4-28.29 is installed
  • OR libdcerpc0-4.2.4-28.29 is installed
  • OR libdcerpc0-32bit-4.2.4-28.29 is installed
  • OR libgensec0-4.2.4-28.29 is installed
  • OR libgensec0-32bit-4.2.4-28.29 is installed
  • OR libndr-krb5pac0-4.2.4-28.29 is installed
  • OR libndr-krb5pac0-32bit-4.2.4-28.29 is installed
  • OR libndr-nbt0-4.2.4-28.29 is installed
  • OR libndr-nbt0-32bit-4.2.4-28.29 is installed
  • OR libndr-standard0-4.2.4-28.29 is installed
  • OR libndr-standard0-32bit-4.2.4-28.29 is installed
  • OR libndr0-4.2.4-28.29 is installed
  • OR libndr0-32bit-4.2.4-28.29 is installed
  • OR libnetapi0-4.2.4-28.29 is installed
  • OR libnetapi0-32bit-4.2.4-28.29 is installed
  • OR libregistry0-4.2.4-28.29 is installed
  • OR libsamba-credentials0-4.2.4-28.29 is installed
  • OR libsamba-credentials0-32bit-4.2.4-28.29 is installed
  • OR libsamba-hostconfig0-4.2.4-28.29 is installed
  • OR libsamba-hostconfig0-32bit-4.2.4-28.29 is installed
  • OR libsamba-passdb0-4.2.4-28.29 is installed
  • OR libsamba-passdb0-32bit-4.2.4-28.29 is installed
  • OR libsamba-util0-4.2.4-28.29 is installed
  • OR libsamba-util0-32bit-4.2.4-28.29 is installed
  • OR libsamdb0-4.2.4-28.29 is installed
  • OR libsamdb0-32bit-4.2.4-28.29 is installed
  • OR libsmbclient-raw0-4.2.4-28.29 is installed
  • OR libsmbclient-raw0-32bit-4.2.4-28.29 is installed
  • OR libsmbclient0-4.2.4-28.29 is installed
  • OR libsmbclient0-32bit-4.2.4-28.29 is installed
  • OR libsmbconf0-4.2.4-28.29 is installed
  • OR libsmbconf0-32bit-4.2.4-28.29 is installed
  • OR libsmbldap0-4.2.4-28.29 is installed
  • OR libsmbldap0-32bit-4.2.4-28.29 is installed
  • OR libtevent-util0-4.2.4-28.29 is installed
  • OR libtevent-util0-32bit-4.2.4-28.29 is installed
  • OR libwbclient0-4.2.4-28.29 is installed
  • OR libwbclient0-32bit-4.2.4-28.29 is installed
  • OR samba-4.2.4-28.29 is installed
  • OR samba-32bit-4.2.4-28.29 is installed
  • OR samba-client-4.2.4-28.29 is installed
  • OR samba-client-32bit-4.2.4-28.29 is installed
  • OR samba-doc-4.2.4-28.29 is installed
  • OR samba-libs-4.2.4-28.29 is installed
  • OR samba-libs-32bit-4.2.4-28.29 is installed
  • OR samba-winbind-4.2.4-28.29 is installed
  • OR samba-winbind-32bit-4.2.4-28.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND apache-commons-httpclient-3.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • openssh-7.2p2-74.25 is installed
  • OR openssh-askpass-gnome-7.2p2-74.25 is installed
  • OR openssh-fips-7.2p2-74.25 is installed
  • OR openssh-helpers-7.2p2-74.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cracklib-2.9.0-7 is installed
  • OR libcrack2-2.9.0-7 is installed
  • OR libcrack2-32bit-2.9.0-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • xen-4.9.4_04-3.56 is installed
  • OR xen-doc-html-4.9.4_04-3.56 is installed
  • OR xen-libs-4.9.4_04-3.56 is installed
  • OR xen-libs-32bit-4.9.4_04-3.56 is installed
  • OR xen-tools-4.9.4_04-3.56 is installed
  • OR xen-tools-domU-4.9.4_04-3.56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_140-94_42-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND shadow-4.2.1-27.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_nss-1.0.14-19.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • freeradius-server-3.0.16-3.6 is installed
  • OR freeradius-server-devel-3.0.16-3.6 is installed
  • OR freeradius-server-krb5-3.0.16-3.6 is installed
  • OR freeradius-server-ldap-3.0.16-3.6 is installed
  • OR freeradius-server-libs-3.0.16-3.6 is installed
  • OR freeradius-server-mysql-3.0.16-3.6 is installed
  • OR freeradius-server-perl-3.0.16-3.6 is installed
  • OR freeradius-server-postgresql-3.0.16-3.6 is installed
  • OR freeradius-server-python-3.0.16-3.6 is installed
  • OR freeradius-server-sqlite-3.0.16-3.6 is installed
  • OR freeradius-server-utils-3.0.16-3.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • libpython3_6m1_0-3.6.10-3.56 is installed
  • OR python3-3.6.10-3.56 is installed
  • OR python3-base-3.6.10-3.56 is installed
  • OR python3-curses-3.6.10-3.56 is installed
  • OR python3-dbm-3.6.10-3.56 is installed
  • OR python3-devel-3.6.10-3.56 is installed
  • OR python3-idle-3.6.10-3.56 is installed
  • OR python3-tk-3.6.10-3.56 is installed
  • OR python3-tools-3.6.10-3.56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.14 is installed
  • OR libvncclient0-0.9.10-4.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-actionpack-4_2-4.2.2-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.6_06-43.54 is installed
  • OR xen-doc-html-4.7.6_06-43.54 is installed
  • OR xen-libs-4.7.6_06-43.54 is installed
  • OR xen-libs-32bit-4.7.6_06-43.54 is installed
  • OR xen-tools-4.7.6_06-43.54 is installed
  • OR xen-tools-domU-4.7.6_06-43.54 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • BACK