Oval Definition:oval:org.opensuse.security:def:55474
Revision Date:2020-12-01Version:1
Title:Security update for java-1_7_0-openjdk (Important)
Description:

This update fixes 13 security issues.

These security issues were fixed: - CVE-2015-0395: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041). - CVE-2015-0400: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Libraries (bnc#914041). - CVE-2015-0383: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed local users to affect integrity and availability via unknown vectors related to Hotspot (bnc#914041). - CVE-2015-0412: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS (bnc#914041). - CVE-2015-0407: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Swing (bnc#914041). - CVE-2015-0408: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bnc#914041). - CVE-2014-6585: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591 (bnc#914041). - CVE-2014-6587: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bnc#914041). - CVE-2014-6591: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585 (bnc#914041). - CVE-2014-6593: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allowed remote attackers to affect confidentiality and integrity via vectors related to JSSE (bnc#914041). - CVE-2014-6601: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041). - CVE-2015-0410: Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed remote attackers to affect availability via unknown vectors related to Security (bnc#914041). - CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, used nondeterministic CBC padding, which made it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the 'POODLE' issue (bnc#901223).

These non-security issues were fixed: - Update protocol support (S8046656). - Fewer escapes from escape analysis (S8047130). - Better GC validation (S8049253). - TLAB stability (S8055479).
Family:unixClass:patch
Status:Reference(s):1001419
1002165
1004418
1009254
1027575
1035082
1038564
1042892
1043960
1046191
1050751
1054979
1071853
1093536
1094462
1099498
1106923
1107874
1108835
1109252
1109845
1109893
1110445
1110542
1111278
1111319
1112024
1112911
1113083
1113296
1113632
1113665
1115245
1117751
1117776
1118460
1118462
1118463
1120629
1120630
1120631
1125623
1125666
1127155
1131823
1134226
1137443
1137977
795826
901223
904970
906574
907150
914041
914890
916927
919053
919062
920615
920633
920865
920896
921333
924663
924960
924961
930408
934789
936407
936408
936409
CVE-2012-5668
CVE-2012-5669
CVE-2013-2069
CVE-2013-4566
CVE-2014-0040
CVE-2014-0041
CVE-2014-0042
CVE-2014-3566
CVE-2014-6272
CVE-2014-6585
CVE-2014-6587
CVE-2014-6591
CVE-2014-6593
CVE-2014-6601
CVE-2014-8127
CVE-2014-8128
CVE-2014-8129
CVE-2014-8130
CVE-2014-8964
CVE-2014-9655
CVE-2015-0383
CVE-2015-0395
CVE-2015-0400
CVE-2015-0407
CVE-2015-0408
CVE-2015-0410
CVE-2015-0412
CVE-2015-0433
CVE-2015-0441
CVE-2015-0499
CVE-2015-0501
CVE-2015-0505
CVE-2015-2325
CVE-2015-2326
CVE-2015-2568
CVE-2015-2571
CVE-2015-2573
CVE-2015-3152
CVE-2016-10196
CVE-2016-5195
CVE-2017-2636
CVE-2017-5429
CVE-2017-5430
CVE-2017-5432
CVE-2017-5433
CVE-2017-5434
CVE-2017-5435
CVE-2017-5436
CVE-2017-5438
CVE-2017-5439
CVE-2017-5440
CVE-2017-5441
CVE-2017-5442
CVE-2017-5443
CVE-2017-5444
CVE-2017-5445
CVE-2017-5446
CVE-2017-5447
CVE-2017-5448
CVE-2017-5449
CVE-2017-5451
CVE-2017-5454
CVE-2017-5455
CVE-2017-5456
CVE-2017-5459
CVE-2017-5460
CVE-2017-5461
CVE-2017-5462
CVE-2017-5464
CVE-2017-5465
CVE-2017-5466
CVE-2017-5467
CVE-2017-5469
CVE-2017-5470
CVE-2017-5472
CVE-2017-7533
CVE-2017-7645
CVE-2017-7749
CVE-2017-7750
CVE-2017-7751
CVE-2017-7752
CVE-2017-7754
CVE-2017-7755
CVE-2017-7756
CVE-2017-7757
CVE-2017-7758
CVE-2017-7761
CVE-2017-7763
CVE-2017-7764
CVE-2017-7765
CVE-2017-7768
CVE-2017-7778
CVE-2017-8890
CVE-2017-9242
CVE-2018-10811
CVE-2018-15686
CVE-2018-15688
CVE-2018-16151
CVE-2018-16152
CVE-2018-17540
CVE-2018-19636
CVE-2018-19637
CVE-2018-19638
CVE-2018-19639
CVE-2018-19640
CVE-2018-20532
CVE-2018-20533
CVE-2018-20534
CVE-2018-5388
CVE-2019-12735
SUSE-SU-2015:0503-1
SUSE-SU-2015:1273-1
SUSE-SU-2015:1420-1
SUSE-SU-2016:2592-1
SUSE-SU-2017:1669-1
SUSE-SU-2017:2060-1
SUSE-SU-2017:2061-1
SUSE-SU-2018:3767-2
SUSE-SU-2019:1122-1
SUSE-SU-2019:1456-1
SUSE-SU-2019:1972-1
SUSE-SU-2019:3266-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • apache2-mod_php7-7.2.5-lp150.1 is installed
  • OR php7-7.2.5-lp150.1 is installed
  • OR php7-ctype-7.2.5-lp150.1 is installed
  • OR php7-dom-7.2.5-lp150.1 is installed
  • OR php7-iconv-7.2.5-lp150.1 is installed
  • OR php7-json-7.2.5-lp150.1 is installed
  • OR php7-mysql-7.2.5-lp150.1 is installed
  • OR php7-pdo-7.2.5-lp150.1 is installed
  • OR php7-pgsql-7.2.5-lp150.1 is installed
  • OR php7-sqlite-7.2.5-lp150.1 is installed
  • OR php7-tokenizer-7.2.5-lp150.1 is installed
  • OR php7-xmlreader-7.2.5-lp150.1 is installed
  • OR php7-xmlwriter-7.2.5-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • evince-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-devel-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-lang-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-comicsdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-djvudocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-dvidocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR libevdocument3-4-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR libevview3-3-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR nautilus-evince-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp151.4.3 is installed
  • OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • freetype2-2.3.7-25.32 is installed
  • OR freetype2-32bit-2.3.7-25.32 is installed
  • OR freetype2-devel-2.3.7-25.32 is installed
  • OR ft2demos-2.3.7-25.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libtiff3-3.8.2-141.160 is installed
  • OR libtiff3-32bit-3.8.2-141.160 is installed
  • OR tiff-3.8.2-141.160 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.75-11 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.75-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gvim-7.4.326-17.3 is installed
  • OR vim-7.4.326-17.3 is installed
  • OR vim-data-7.4.326-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libsystemd0-228-150.53 is installed
  • OR libsystemd0-32bit-228-150.53 is installed
  • OR libudev1-228-150.53 is installed
  • OR libudev1-32bit-228-150.53 is installed
  • OR systemd-228-150.53 is installed
  • OR systemd-32bit-228-150.53 is installed
  • OR systemd-bash-completion-228-150.53 is installed
  • OR systemd-sysvinit-228-150.53 is installed
  • OR udev-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND apache2-mod_nss-1.0.8-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-branding-SLE-52-31 is installed
  • OR MozillaFirefox-devel-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • expat-2.1.0-17 is installed
  • OR libexpat1-2.1.0-17 is installed
  • OR libexpat1-32bit-2.1.0-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.101 is installed
  • OR kernel-default-base-4.4.121-92.101 is installed
  • OR kernel-default-devel-4.4.121-92.101 is installed
  • OR kernel-devel-4.4.121-92.101 is installed
  • OR kernel-macros-4.4.121-92.101 is installed
  • OR kernel-source-4.4.121-92.101 is installed
  • OR kernel-syms-4.4.121-92.101 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.45-38.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • dracut-044-113 is installed
  • OR dracut-fips-044-113 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND ipmitool-1.8.18-5.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • xen-4.9.4_04-3.56 is installed
  • OR xen-doc-html-4.9.4_04-3.56 is installed
  • OR xen-libs-4.9.4_04-3.56 is installed
  • OR xen-libs-32bit-4.9.4_04-3.56 is installed
  • OR xen-tools-4.9.4_04-3.56 is installed
  • OR xen-tools-domU-4.9.4_04-3.56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • rsyslog-8.24.0-3.7 is installed
  • OR rsyslog-diag-tools-8.24.0-3.7 is installed
  • OR rsyslog-doc-8.24.0-3.7 is installed
  • OR rsyslog-module-gssapi-8.24.0-3.7 is installed
  • OR rsyslog-module-gtls-8.24.0-3.7 is installed
  • OR rsyslog-module-mysql-8.24.0-3.7 is installed
  • OR rsyslog-module-pgsql-8.24.0-3.7 is installed
  • OR rsyslog-module-relp-8.24.0-3.7 is installed
  • OR rsyslog-module-snmp-8.24.0-3.7 is installed
  • OR rsyslog-module-udpspoof-8.24.0-3.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND kdump-0.8.16-9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND openstack-heat-templates-0.0.0+git.1452795102.e53f5d3-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • dovecot22-2.2.31-19.17 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.17 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.17 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
    • BACK