Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for java-1_8_0-ibm (Moderate) |
Description: |
This update for java-1_8_0-ibm to 8.0.5.20 fixes the following issues:
- CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit (bsc#1104668). - CVE-2018-2940: Vulnerability in subcomponent: Libraries. Easily exploitable vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data (bsc#1104668). - CVE-2018-2973: Vulnerability in subcomponent: JSSE. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data (bsc#1104668). - CVE-2018-2964: Vulnerability in subcomponent: Deployment. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE. (bsc#1104668). - CVE-2016-0705: Prevent double free in the dsa_priv_decode function that allowed remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key (bsc#1104668). - CVE-2017-3732: Prevent carry propagating bug in the x86_64 Montgomery squaring procedure (bsc#1104668). - CVE-2017-3736: Prevent carry propagating bug in the x86_64 Montgomery squaring procedure (bsc#1104668). - CVE-2018-12539: Users other than the process owner might have been able to use Java Attach API to connect to an IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code (bsc#1104668) - CVE-2018-1517: Unspecified vulnerability (bsc#1104668). - CVE-2018-1656: Unspecified vulnerability (bsc#1104668)
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1055186 1065600 1065729 1094244 1104668 1112178 1113956 1154366 1167527 1168468 1169972 1171675 1171688 1171742 1173115 1174899 1175228 1175686 1175749 1175882 1176011 1176022 1176038 1176235 1176242 1176278 1176316 1176317 1176318 1176319 1176320 1176321 1176381 1176395 1176410 1176423 1176482 1176507 1176536 1176544 1176545 1176546 1176548 1176659 1176698 1176699 1176700 1176721 1176722 1176725 1176732 1176788 1176789 1176869 1176877 1176935 1176950 1176962 1176966 1176990 1177027 1177030 1177041 1177042 1177043 1177044 1177121 1177206 1177258 1177291 1177293 1177294 1177295 1177296 902408 902409 902410 903204 903216 903638 905260 CVE-2006-4484 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-2666 CVE-2009-3607 CVE-2009-3608 CVE-2010-1167 CVE-2010-1205 CVE-2010-2074 CVE-2010-4352 CVE-2011-0460 CVE-2011-1521 CVE-2011-1946 CVE-2011-1947 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3389 CVE-2011-3464 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2012-2812 CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 CVE-2012-3386 CVE-2012-3386 CVE-2012-3482 CVE-2012-3524 CVE-2012-4929 CVE-2013-1752 CVE-2013-1753 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-2168 CVE-2013-4238 CVE-2013-4473 CVE-2013-4474 CVE-2014-1912 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-3695 CVE-2014-3696 CVE-2014-3698 CVE-2014-4650 CVE-2014-7185 CVE-2014-7824 CVE-2014-8148 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2015-0245 CVE-2015-8126 CVE-2016-0705 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2017-1000456 CVE-2017-14517 CVE-2017-14518 CVE-2017-14520 CVE-2017-14617 CVE-2017-14928 CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565 CVE-2017-3732 CVE-2017-3736 CVE-2017-7511 CVE-2017-7515 CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 CVE-2018-12539 CVE-2018-1517 CVE-2018-1656 CVE-2018-2940 CVE-2018-2952 CVE-2018-2964 CVE-2018-2973 CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-14381 CVE-2020-14390 CVE-2020-15663 CVE-2020-15664 CVE-2020-15669 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-26088 SUSE-SU-2018:3082-1 SUSE-SU-2020:2552-1 SUSE-SU-2020:2905-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND Package Information
freerdp-2.0.0~rc2-lp150.1 is installed
OR libfreerdp2-2.0.0~rc2-lp150.1 is installed
OR libwinpr2-2.0.0~rc2-lp150.1 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND apache2-mod_auth_openidc-2.3.8-lp151.2.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP2 is installed
AND Package Information
libpoppler-glib4-0.12.3-1.8 is installed
OR libpoppler-qt4-3-0.12.3-1.8 is installed
OR libpoppler5-0.12.3-1.8 is installed
OR poppler-tools-0.12.3-1.8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
MozillaFirefox-38.4.0esr-25 is installed
OR MozillaFirefox-branding-SLED-38-15 is installed
OR MozillaFirefox-translations-38.4.0esr-25 is installed
OR libfreebl3-3.19.2.1-19 is installed
OR libfreebl3-32bit-3.19.2.1-19 is installed
OR libsoftokn3-3.19.2.1-19 is installed
OR libsoftokn3-32bit-3.19.2.1-19 is installed
OR mozilla-nspr-4.10.10-16 is installed
OR mozilla-nspr-32bit-4.10.10-16 is installed
OR mozilla-nss-3.19.2.1-19 is installed
OR mozilla-nss-32bit-3.19.2.1-19 is installed
OR mozilla-nss-tools-3.19.2.1-19 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
flash-player-11.2.202.535-0.20 is installed
OR flash-player-gnome-11.2.202.535-0.20 is installed
OR flash-player-kde4-11.2.202.535-0.20 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND kbd-1.15.5-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND fetchmail-6.3.26-5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND libpng15-15-1.5.22-4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
dbus-1-1.8.22-28 is installed
OR dbus-1-x11-1.8.22-28 is installed
OR libdbus-1-3-1.8.22-28 is installed
OR libdbus-1-3-32bit-1.8.22-28 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libpoppler-glib8-0.43.0-16.15 is installed
OR libpoppler-qt4-4-0.43.0-16.15 is installed
OR libpoppler60-0.43.0-16.15 is installed
OR poppler-tools-0.43.0-16.15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Legacy Software 15 is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr5.20-3.6 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-3.6 is installed
OR java-1_8_0-ibm-devel-1.8.0_sr5.20-3.6 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-3.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
AND Package Information
kernel-default-4.12.14-197.61 is installed
OR reiserfs-kmp-default-4.12.14-197.61 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND patch-2.7.5-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
qemu-2.3.1-33.3 is installed
OR qemu-block-curl-2.3.1-33.3 is installed
OR qemu-block-rbd-2.3.1-33.3 is installed
OR qemu-guest-agent-2.3.1-33.3 is installed
OR qemu-ipxe-1.0.0-33.3 is installed
OR qemu-kvm-2.3.1-33.3 is installed
OR qemu-lang-2.3.1-33.3 is installed
OR qemu-ppc-2.3.1-33.3 is installed
OR qemu-s390-2.3.1-33.3 is installed
OR qemu-seabios-1.8.1-33.3 is installed
OR qemu-sgabios-8-33.3 is installed
OR qemu-tools-2.3.1-33.3 is installed
OR qemu-vgabios-1.8.1-33.3 is installed
OR qemu-x86-2.3.1-33.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
eog-3.20.4-7 is installed
OR eog-lang-3.20.4-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
glibc-2.22-62.13 is installed
OR glibc-32bit-2.22-62.13 is installed
OR glibc-devel-2.22-62.13 is installed
OR glibc-devel-32bit-2.22-62.13 is installed
OR glibc-html-2.22-62.13 is installed
OR glibc-i18ndata-2.22-62.13 is installed
OR glibc-info-2.22-62.13 is installed
OR glibc-locale-2.22-62.13 is installed
OR glibc-locale-32bit-2.22-62.13 is installed
OR glibc-profile-2.22-62.13 is installed
OR glibc-profile-32bit-2.22-62.13 is installed
OR nscd-2.22-62.13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.181-43.15 is installed
OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
kgraft-patch-4_4_103-92_53-default-6-2 is installed
OR kgraft-patch-SLE12-SP2_Update_16-6-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND libcares2-1.9.1-5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
evince-3.20.2-6.27 is installed
OR evince-browser-plugin-3.20.2-6.27 is installed
OR evince-lang-3.20.2-6.27 is installed
OR evince-plugin-djvudocument-3.20.2-6.27 is installed
OR evince-plugin-dvidocument-3.20.2-6.27 is installed
OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
OR evince-plugin-psdocument-3.20.2-6.27 is installed
OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
OR libevdocument3-4-3.20.2-6.27 is installed
OR libevview3-3-3.20.2-6.27 is installed
OR nautilus-evince-3.20.2-6.27 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
kgraft-patch-4_4_156-94_61-default-8-2 is installed
OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
libecpg6-10.9-1.12 is installed
OR libpq5-10.9-1.12 is installed
OR libpq5-32bit-10.9-1.12 is installed
OR postgresql10-10.9-1.12 is installed
OR postgresql10-contrib-10.9-1.12 is installed
OR postgresql10-docs-10.9-1.12 is installed
OR postgresql10-libs-10.9-1.12 is installed
OR postgresql10-plperl-10.9-1.12 is installed
OR postgresql10-plpython-10.9-1.12 is installed
OR postgresql10-pltcl-10.9-1.12 is installed
OR postgresql10-server-10.9-1.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
libQtWebKit4-4.8.7+2.3.4-4.7 is installed
OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
OR libqca2-2.0.3-17.7 is installed
OR libqca2-32bit-2.0.3-17.7 is installed
OR libqt4-4.8.7-8.8 is installed
OR libqt4-32bit-4.8.7-8.8 is installed
OR libqt4-devel-doc-4.8.7-8.8 is installed
OR libqt4-qt3support-4.8.7-8.8 is installed
OR libqt4-qt3support-32bit-4.8.7-8.8 is installed
OR libqt4-sql-4.8.7-8.8 is installed
OR libqt4-sql-32bit-4.8.7-8.8 is installed
OR libqt4-sql-mysql-4.8.7-8.8 is installed
OR libqt4-sql-plugins-4.8.7-8.8 is installed
OR libqt4-sql-sqlite-4.8.7-8.8 is installed
OR libqt4-x11-4.8.7-8.8 is installed
OR libqt4-x11-32bit-4.8.7-8.8 is installed
OR qt4-x11-tools-4.8.7-8.8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
gdk-pixbuf-loader-rsvg-2.40.20-5.6 is installed
OR librsvg-2-2-2.40.20-5.6 is installed
OR librsvg-2-2-32bit-2.40.20-5.6 is installed
OR rsvg-view-2.40.20-5.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND Package Information
MozillaThunderbird-68.12.0-3.94 is installed
OR MozillaThunderbird-translations-common-68.12.0-3.94 is installed
OR MozillaThunderbird-translations-other-68.12.0-3.94 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
ghostscript-9.26a-23.19 is installed
OR ghostscript-x11-9.26a-23.19 is installed
OR libspectre-0.2.7-12.6 is installed
OR libspectre1-0.2.7-12.6 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND slf4j-1.7.12-3.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
libmysqlclient18-10.0.38-29.27 is installed
OR mariadb-10.0.38-29.27 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 9 is installed
AND python-SQLAlchemy-1.2.10-3.3 is installed
|