Oval Definition:	oval:org.opensuse.security:def:53004
Revision Date: 2020-12-01 Version: 1 Title: Security update for java-11-openjdk (Important) Description: This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10 (April 2020 CPU, bsc#1169511). Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2755: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2756: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2757: Fixed an object deserialization issue that could have resulted in denial of service via crafted serialized input (bsc#1169511). - CVE-2020-2767: Fixed an incorrect handling of certificate messages during TLS handshakes (bsc#1169511). - CVE-2020-2773: Fixed the incorrect handling of exceptions thrown by unmarshalKeyInfo() and unmarshalXMLSignature() (bsc#1169511). - CVE-2020-2778: Fixed the incorrect handling of SSLParameters in setAlgorithmConstraints(), which could have been abused to override the defined systems security policy and lead to the use of weak crypto algorithms (bsc#1169511). - CVE-2020-2781: Fixed the incorrect re-use of single null TLS sessions (bsc#1169511). - CVE-2020-2800: Fixed an HTTP header injection issue caused by mishandling of CR/LF in header values (bsc#1169511). - CVE-2020-2803: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511). - CVE-2020-2805: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511). - CVE-2020-2816: Fixed an incorrect handling of application data packets during TLS handshakes (bsc#1169511). - CVE-2020-2830: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). Family: unix Class: patch Status: Reference(s): 1001066 1007245 1009318 1011130 1011136 1013376 1014159 1015941 1051510 1055117 1071995 1083647 1083710 1103991 1111666 1119222 1123080 1127034 1127315 1129770 1133021 1134097 1134390 1134399 1135335 1135642 1137458 1137534 1137535 1137584 1137609 1137827 1139358 1140133 1140139 1140322 1140652 1140887 1140888 1140889 1140891 1140893 1140903 1140945 1140948 1140954 1140955 1140956 1140957 1140958 1140959 1140960 1140961 1140962 1140964 1140971 1140972 1140992 1141401 1141402 1141452 1141453 1141454 1141478 1142023 1142112 1142220 1142221 1142265 1142350 1142351 1142354 1142359 1142450 1142701 1142868 1143003 1143105 1143185 1143189 1143191 1143507 1167462 1169511 864081 905313 906371 909053 910599 915526 915985 916222 950437 960382 CVE-2010-2242 CVE-2011-1146 CVE-2011-2485 CVE-2011-2511 CVE-2011-4349 CVE-2011-4600 CVE-2012-2673 CVE-2012-3386 CVE-2012-3445 CVE-2013-0170 CVE-2013-1962 CVE-2013-2218 CVE-2013-2230 CVE-2013-4153 CVE-2013-4154 CVE-2013-4239 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-6436 CVE-2013-6456 CVE-2013-6457 CVE-2013-6458 CVE-2013-6473 CVE-2013-6474 CVE-2013-6475 CVE-2013-6476 CVE-2013-7423 CVE-2014-0028 CVE-2014-0179 CVE-2014-1447 CVE-2014-2653 CVE-2014-2707 CVE-2014-3230 CVE-2014-3633 CVE-2014-3657 CVE-2014-4336 CVE-2014-4337 CVE-2014-4338 CVE-2014-7817 CVE-2014-7823 CVE-2014-8131 CVE-2014-9402 CVE-2014-9848 CVE-2015-0236 CVE-2015-1472 CVE-2015-2265 CVE-2015-3258 CVE-2015-3279 CVE-2015-4491 CVE-2015-5247 CVE-2015-5313 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-7552 CVE-2015-7673 CVE-2015-7674 CVE-2015-7830 CVE-2015-8325 CVE-2015-8327 CVE-2015-8560 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 CVE-2016-0777 CVE-2016-0778 CVE-2016-1908 CVE-2016-3115 CVE-2016-6210 CVE-2016-6352 CVE-2016-6515 CVE-2016-6823 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556 CVE-2016-9559 CVE-2016-9773 CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961 CVE-2017-1000256 CVE-2017-18201 CVE-2017-2635 CVE-2017-5715 CVE-2018-1064 CVE-2018-20855 CVE-2018-3639 CVE-2018-5748 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2767 CVE-2020-2773 CVE-2020-2778 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2816 CVE-2020-2830 SUSE-SU-2015:0526-1 SUSE-SU-2016:0109-1 SUSE-SU-2016:2952-1 SUSE-SU-2016:3250-1 SUSE-SU-2016:3258-1 SUSE-SU-2019:2068-1 SUSE-SU-2020:1511-2 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.0 NonFree openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libXfont2-2-2.0.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.0 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information GraphicsMagick-1.3.29-lp151.4.6 is installed OR GraphicsMagick-devel-1.3.29-lp151.4.6 is installed OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.6 is installed OR libGraphicsMagick++-devel-1.3.29-lp151.4.6 is installed OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.6 is installed OR libGraphicsMagick3-config-1.3.29-lp151.4.6 is installed OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.6 is installed OR perl-GraphicsMagick-1.3.29-lp151.4.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND postgresql-8.3.23-0.4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information curl-7.19.7-1.40 is installed OR libcurl4-7.19.7-1.40 is installed OR libcurl4-32bit-7.19.7-1.40 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information glibc-2.19-20 is installed OR glibc-32bit-2.19-20 is installed OR glibc-devel-2.19-20 is installed OR glibc-devel-32bit-2.19-20 is installed OR glibc-i18ndata-2.19-20 is installed OR glibc-locale-2.19-20 is installed OR glibc-locale-32bit-2.19-20 is installed OR nscd-2.19-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND perl-LWP-Protocol-https-6.04-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information colord-1.3.3-10 is installed OR colord-gtk-lang-0.1.26-6 is installed OR colord-lang-1.3.3-10 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-10 is installed OR libcolord2-32bit-1.3.3-10 is installed OR libcolorhug2-1.3.3-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cups-filters-1.0.58-17 is installed OR cups-filters-cups-browsed-1.0.58-17 is installed OR cups-filters-foomatic-rip-1.0.58-17 is installed OR cups-filters-ghostscript-1.0.58-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libcdio14-0.90-6.3 is installed OR libcdio14-32bit-0.90-6.3 is installed OR libiso9660-8-0.90-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information java-11-openjdk-11.0.7.0-3.42 is installed OR java-11-openjdk-javadoc-11.0.7.0-3.42 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.38 is installed OR kernel-azure-base-4.12.14-5.38 is installed OR kernel-azure-devel-4.12.14-5.38 is installed OR kernel-devel-azure-4.12.14-5.38 is installed OR kernel-source-azure-4.12.14-5.38 is installed OR kernel-syms-azure-4.12.14-5.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cups-filters-1.0.58-8 is installed OR cups-filters-cups-browsed-1.0.58-8 is installed OR cups-filters-foomatic-rip-1.0.58-8 is installed OR cups-filters-ghostscript-1.0.58-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_63-default-6-2 is installed OR kgraft-patch-3_12_74-60_64_63-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information kernel-default-4.4.21-69 is installed OR kernel-default-base-4.4.21-69 is installed OR kernel-default-devel-4.4.21-69 is installed OR kernel-default-man-4.4.21-69 is installed OR kernel-devel-4.4.21-69 is installed OR kernel-macros-4.4.21-69 is installed OR kernel-source-4.4.21-69 is installed OR kernel-syms-4.4.21-69 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libQt5Concurrent5-5.6.1-17.6 is installed OR libQt5Core5-5.6.1-17.6 is installed OR libQt5DBus5-5.6.1-17.6 is installed OR libQt5Gui5-5.6.1-17.6 is installed OR libQt5Network5-5.6.1-17.6 is installed OR libQt5OpenGL5-5.6.1-17.6 is installed OR libQt5PrintSupport5-5.6.1-17.6 is installed OR libQt5Sql5-5.6.1-17.6 is installed OR libQt5Sql5-mysql-5.6.1-17.6 is installed OR libQt5Sql5-postgresql-5.6.1-17.6 is installed OR libQt5Sql5-sqlite-5.6.1-17.6 is installed OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed OR libQt5Test5-5.6.1-17.6 is installed OR libQt5Widgets5-5.6.1-17.6 is installed OR libQt5Xml5-5.6.1-17.6 is installed OR libqt5-qtbase-5.6.1-17.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-default-man-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gpgme-1.5.1-1 is installed OR libgpgme11-1.5.1-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-activerecord-4_2-4.2.2-5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-Django-1.8.19-3.15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-paramiko-2.2.4-4.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13 is installed OR grafana-6.2.5-3.9 is installed OR openstack-cinder-13.0.8~dev8-3.13 is installed OR openstack-cinder-api-13.0.8~dev8-3.13 is installed OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed OR openstack-dashboard-14.0.5~dev1-3.9 is installed OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR openstack-keystone-14.1.1~dev26-3.13 is installed OR openstack-manila-7.3.1~dev15-4.13 is installed OR openstack-manila-api-7.3.1~dev15-4.13 is installed OR openstack-manila-data-7.3.1~dev15-4.13 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed OR openstack-manila-share-7.3.1~dev15-4.13 is installed OR openstack-neutron-13.0.6~dev3-3.13 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-server-13.0.6~dev3-3.13 is installed OR openstack-nova-18.2.4~dev18-3.13 is installed OR openstack-nova-api-18.2.4~dev18-3.13 is installed OR openstack-nova-cells-18.2.4~dev18-3.13 is installed OR openstack-nova-compute-18.2.4~dev18-3.13 is installed OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed OR openstack-nova-console-18.2.4~dev18-3.13 is installed OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed OR openstack-octavia-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-image-0.1.1-7.3 is installed OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed OR openstack-octavia-api-3.2.1~dev1-3.13 is installed OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed OR python-Django1-1.11.24-3.12 is installed OR python-cinder-13.0.8~dev8-3.13 is installed OR python-horizon-14.0.5~dev1-3.9 is installed OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR python-keystone-14.1.1~dev26-3.13 is installed OR python-keystonemiddleware-5.2.1-11 is installed OR python-manila-7.3.1~dev15-4.13 is installed OR python-neutron-13.0.6~dev3-3.13 is installed OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed OR python-nova-18.2.4~dev18-3.13 is installed OR python-octavia-3.2.1~dev1-3.13 is installed OR python-octaviaclient-1.6.1-3.3 is installed OR python-openstack_auth-14.0.5~dev1-3.9 is installed OR python-os-brick-2.5.8-3.6 is installed OR python-os-brick-common-2.5.8-3.6 is installed OR python-oslo.cache-1.30.4-3.3 is installed OR python-oslo.messaging-8.1.4-3.3 is installed
BACK