Oval Definition:	oval:org.opensuse.security:def:55273
Revision Date: 2021-11-23 Version: 1 Title: Security update for java-1_8_0-openjdk (Important) Description: This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903). - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906). Family: unix Class: patch Status: Reference(s): 1004490 1006368 1007249 1009961 1039034 1040109 1040112 1040113 1040115 1049399 1049404 1049417 1054591 1072665 1081557 1101797 1113455 1135824 1191901 1191903 1191904 1191905 1191906 1191909 1191910 1191911 1191912 1191913 1191914 843509 915410 939460 939567 943457 945842 953831 955382 962765 964468 966220 968771 969820 972907 974208 978260 979208 983015 985860 987198 988408 989566 995058 995102 995620 996015 999582 CVE-2009-1720 CVE-2009-1721 CVE-2010-2761 CVE-2010-4410 CVE-2010-4411 CVE-2010-4777 CVE-2011-1521 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-1752 CVE-2013-1753 CVE-2013-2061 CVE-2013-4238 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185 CVE-2014-9512 CVE-2015-5276 CVE-2015-5477 CVE-2015-8853 CVE-2016-0772 CVE-2016-1000110 CVE-2016-1238 CVE-2016-2099 CVE-2016-2381 CVE-2016-2774 CVE-2016-4463 CVE-2016-5636 CVE-2016-5699 CVE-2016-6185 CVE-2016-8867 CVE-2017-1000158 CVE-2017-12837 CVE-2017-12883 CVE-2017-18190 CVE-2017-18207 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-6512 CVE-2017-7500 CVE-2017-7501 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9115 CVE-2018-1000030 CVE-2018-10906 CVE-2018-12015 CVE-2018-18444 CVE-2018-6797 CVE-2018-6798 CVE-2018-6913 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-7317 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 SUSE-SU-2015:1304-1 SUSE-SU-2016:0908-2 SUSE-SU-2016:1791-1 SUSE-SU-2016:2151-1 SUSE-SU-2016:2154-1 SUSE-SU-2016:3084-1 SUSE-SU-2018:0079-1 SUSE-SU-2018:0604-1 SUSE-SU-2018:3219-1 SUSE-SU-2018:3884-1 SUSE-SU-2019:1388-1 SUSE-SU-2019:1962-1 SUSE-SU-2021:3771-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dracut-044.1-lp150.13 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libruby2_5-2_5-2.5.5-lp151.4.3 is installed OR ruby-bundled-gems-rpmhelper-0.0.2-lp151.2 is installed OR ruby2.5-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-extra-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-ri-2.5.5-lp151.4.3 is installed OR ruby2.5-stdlib-2.5.5-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bind-9.9.6P1-0.12 is installed OR bind-libs-9.9.6P1-0.12 is installed OR bind-libs-32bit-9.9.6P1-0.12 is installed OR bind-utils-9.9.6P1-0.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gcc5-5.3.1+r233831-10 is installed OR libgcc_s1-5.3.1+r233831-10 is installed OR libgcc_s1-32bit-5.3.1+r233831-10 is installed OR libgfortran3-5.3.1+r233831-10 is installed OR libgfortran3-32bit-5.3.1+r233831-10 is installed OR libgomp1-5.3.1+r233831-10 is installed OR libgomp1-32bit-5.3.1+r233831-10 is installed OR libquadmath0-5.3.1+r233831-10 is installed OR libquadmath0-32bit-5.3.1+r233831-10 is installed OR libstdc++6-5.3.1+r233831-10 is installed OR libstdc++6-32bit-5.3.1+r233831-10 is installed OR libstdc++6-locale-5.3.1+r233831-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libpython2_7-1_0-2.7.13-28.11 is installed OR libpython2_7-1_0-32bit-2.7.13-28.11 is installed OR python-base-2.7.13-28.11 is installed OR python-devel-2.7.13-28.11 is installed OR python-xml-2.7.13-28.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libIlmImf-Imf_2_1-21-2.1.0-4 is installed OR openexr-2.1.0-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-demo-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-devel-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-headless-1.8.0.144-27.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-openjdk-1.8.0.312-27.66.1 is installed OR java-1_8_0-openjdk-demo-1.8.0.312-27.66.1 is installed OR java-1_8_0-openjdk-devel-1.8.0.312-27.66.1 is installed OR java-1_8_0-openjdk-headless-1.8.0.312-27.66.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-60.4.0esr-109.55 is installed OR MozillaFirefox-devel-60.4.0esr-109.55 is installed OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed OR libfreebl3-3.40.1-58.18 is installed OR libfreebl3-32bit-3.40.1-58.18 is installed OR libsoftokn3-3.40.1-58.18 is installed OR libsoftokn3-32bit-3.40.1-58.18 is installed OR mozilla-nspr-4.20-19.6 is installed OR mozilla-nspr-32bit-4.20-19.6 is installed OR mozilla-nss-3.40.1-58.18 is installed OR mozilla-nss-32bit-3.40.1-58.18 is installed OR mozilla-nss-certs-3.40.1-58.18 is installed OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed OR mozilla-nss-tools-3.40.1-58.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information groff-1.22.2-5 is installed OR groff-full-1.22.2-5 is installed OR gxditview-1.22.2-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information tomcat-8.0.53-29.27 is installed OR tomcat-admin-webapps-8.0.53-29.27 is installed OR tomcat-docs-webapp-8.0.53-29.27 is installed OR tomcat-el-3_0-api-8.0.53-29.27 is installed OR tomcat-javadoc-8.0.53-29.27 is installed OR tomcat-jsp-2_3-api-8.0.53-29.27 is installed OR tomcat-lib-8.0.53-29.27 is installed OR tomcat-servlet-3_1-api-8.0.53-29.27 is installed OR tomcat-webapps-8.0.53-29.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libssh2-1-1.4.3-20.6 is installed OR libssh2-1-32bit-1.4.3-20.6 is installed OR libssh2_org-1.4.3-20.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND autofs-5.0.9-28.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information containerd-0.2.4+gitr565_0366d7e-9 is installed OR docker-1.12.3-81 is installed OR runc-0.1.1+gitr2816_02f8fa7-9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed
BACK