Oval Definition:	oval:org.opensuse.security:def:56095
Revision Date: 2021-11-23 Version: 1 Title: Security update for java-1_8_0-openjdk (Important) Description: This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903). - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906). Family: unix Class: patch Status: Reference(s): 1010829 1013659 1013678 1013680 1017902 1041847 1045327 1053373 1057950 1097158 1097624 1098592 1111331 1132665 1159856 1159858 1159860 1160250 1160251 1160937 1163985 1166238 1191901 1191903 1191904 1191905 1191906 1191909 1191910 1191911 1191912 1191913 1191914 762294 839653 839663 844230 855685 855809 869663 946880 967017 968222 974847 983232 983234 983253 983259 983292 983305 983308 983521 983523 983527 983533 983739 983746 983752 983774 983794 983796 983799 983803 984014 984018 984023 984028 984032 984035 984135 984137 984142 984144 984145 984149 984150 984160 984166 984172 984179 984181 984183 984184 984185 984186 984187 984191 984193 984370 984372 984373 984374 984375 984379 984394 984398 984400 984401 984404 984406 984408 984409 984427 984433 984436 985442 985448 985451 985456 985460 986608 986609 CVE-2004-0801 CVE-2009-1885 CVE-2010-4267 CVE-2011-2697 CVE-2011-2722 CVE-2012-0862 CVE-2013-4325 CVE-2013-4342 CVE-2013-6402 CVE-2013-6427 CVE-2013-6441 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2015-0252 CVE-2015-5567 CVE-2015-5568 CVE-2015-5570 CVE-2015-5571 CVE-2015-5572 CVE-2015-5573 CVE-2015-5574 CVE-2015-5575 CVE-2015-5576 CVE-2015-5577 CVE-2015-5578 CVE-2015-5579 CVE-2015-5580 CVE-2015-5581 CVE-2015-5582 CVE-2015-5584 CVE-2015-5587 CVE-2015-5588 CVE-2015-6676 CVE-2015-6677 CVE-2015-6678 CVE-2015-6679 CVE-2015-6682 CVE-2015-7560 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2016-10109 CVE-2016-3977 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-1000251 CVE-2017-15274 CVE-2018-0732 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-20503 CVE-2020-1720 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 SUSE-SU-2015:1614-1 SUSE-SU-2016:0837-1 SUSE-SU-2016:1140-1 SUSE-SU-2016:1784-1 SUSE-SU-2016:3297-1 SUSE-SU-2017:0286-1 SUSE-SU-2017:2778-1 SUSE-SU-2018:1968-1 SUSE-SU-2019:1954-1 SUSE-SU-2020:0266-1 SUSE-SU-2020:0715-1 SUSE-SU-2020:0717-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS-SAP SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND argyllcms-1.9.2-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information neovim-0.3.5-lp151.2.3 is installed OR neovim-lang-0.3.5-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND lxc-0.8.0-0.21 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.521-0.17 is installed OR flash-player-gnome-11.2.202.521-0.17 is installed OR flash-player-kde4-11.2.202.521-0.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gstreamer-plugins-bad-1.2.4-3.4 is installed OR libgstegl-1_0-0-1.2.4-3.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information hplip-3.14.6-3 is installed OR hplip-hpijs-3.14.6-3 is installed OR hplip-sane-3.14.6-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_18-default-11-4 is installed OR kgraft-patch-3_12_67-60_64_18-xen-11-4 is installed OR kgraft-patch-SLE12-SP1_Update_9-11-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gpgme-1.5.1-1 is installed OR libgpgme11-1.5.1-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXtst6-1.2.2-7 is installed OR libXtst6-32bit-1.2.2-7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information krb5-1.12.5-40.31 is installed OR krb5-32bit-1.12.5-40.31 is installed OR krb5-client-1.12.5-40.31 is installed OR krb5-doc-1.12.5-40.31 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed OR krb5-server-1.12.5-40.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kernel-default-4.4.180-94.121 is installed OR kernel-default-base-4.4.180-94.121 is installed OR kernel-default-devel-4.4.180-94.121 is installed OR kernel-default-kgraft-4.4.180-94.121 is installed OR kernel-devel-4.4.180-94.121 is installed OR kernel-macros-4.4.180-94.121 is installed OR kernel-source-4.4.180-94.121 is installed OR kernel-syms-4.4.180-94.121 is installed OR kgraft-patch-4_4_180-94_121-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_32-1-4.5 is installed
BACK