Oval Definition:oval:org.opensuse.security:def:56434
Revision Date:2020-12-01Version:1
Title:Security update for java-1_8_0-openjdk (Important)
Description:

This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0) fixes the following issues:

Security issues fixed: - CVE-2017-10053: Improved image post-processing steps (bsc#1049305) - CVE-2017-10067: Additional jar validation steps (bsc#1049306) - CVE-2017-10074: Image conversion improvements (bsc#1049307) - CVE-2017-10078: Better script accessibility for JavaScript (bsc#1049308) - CVE-2017-10081: Right parenthesis issue (bsc#1049309) - CVE-2017-10086: Unspecified vulnerability in subcomponent JavaFX (bsc#1049310) - CVE-2017-10087: Better Thread Pool execution (bsc#1049311) - CVE-2017-10089: Service Registration Lifecycle (bsc#1049312) - CVE-2017-10090: Better handling of channel groups (bsc#1049313) - CVE-2017-10096: Transform Transformer Exceptions (bsc#1049314) - CVE-2017-10101: Better reading of text catalogs (bsc#1049315) - CVE-2017-10102: Improved garbage collection (bsc#1049316) - CVE-2017-10105: Unspecified vulnerability in subcomponent deployment (bsc#1049317) - CVE-2017-10107: Less Active Activations (bsc#1049318) - CVE-2017-10108: Better naming attribution (bsc#1049319) - CVE-2017-10109: Better sourcing of code (bsc#1049320) - CVE-2017-10110: Better image fetching (bsc#1049321) - CVE-2017-10111: Rearrange MethodHandle arrangements (bsc#1049322) - CVE-2017-10114: Unspecified vulnerability in subcomponent JavaFX (bsc#1049323) - CVE-2017-10115: Higher quality DSA operations (bsc#1049324) - CVE-2017-10116: Proper directory lookup processing (bsc#1049325) - CVE-2017-10118: Higher quality ECDSA operations (bsc#1049326) - CVE-2017-10125: Unspecified vulnerability in subcomponent deployment (bsc#1049327) - CVE-2017-10135: Better handling of PKCS8 material (bsc#1049328) - CVE-2017-10176: Additional elliptic curve support (bsc#1049329) - CVE-2017-10193: Improve algorithm constraints implementation (bsc#1049330) - CVE-2017-10198: Clear certificate chain connections (bsc#1049331) - CVE-2017-10243: Unspecified vulnerability in subcomponent JAX-WS (bsc#1049332)

Bug fixes: - Check registry registration location - Improved certificate processing - JMX diagnostic improvements - Update to libpng 1.6.28 - Import of OpenJDK 8 u141 build 15 (bsc#1049302)

New features: - Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider

Family:unixClass:patch
Status:Reference(s):1001951
1010470
1012382
1021315
1022043
1024788
1045330
1049302
1049305
1049306
1049307
1049308
1049309
1049310
1049311
1049312
1049313
1049314
1049315
1049316
1049317
1049318
1049319
1049320
1049321
1049322
1049323
1049324
1049325
1049326
1049327
1049328
1049329
1049330
1049331
1049332
1053417
1055755
1062568
1062604
1063416
1064233
1065999
1066001
1067118
1068032
1072689
1072865
1074488
1075617
1075621
1077182
1077560
1077779
1078669
1078672
1078673
1078674
1080255
1080287
1080464
1080757
1081512
1082299
1083244
1083483
1083494
1083640
1084323
1085107
1085114
1085447
1088268
1090036
1090534
1090955
1091171
1092903
1096547
1097104
1097108
1099811
1099813
1099844
1099845
1099846
1099849
1099863
1099864
1099922
1100001
1102870
1103445
1104319
1104495
1104818
1104906
1105100
1105322
1105323
1105396
1106095
1106369
1106509
1106511
1107689
1108912
1125330
1127987
1129821
1130262
998182
CVE-2009-3736
CVE-2011-4182
CVE-2012-0862
CVE-2012-2451
CVE-2013-4342
CVE-2013-5653
CVE-2014-3514
CVE-2014-9273
CVE-2016-10164
CVE-2016-7404
CVE-2016-7915
CVE-2016-7978
CVE-2016-7979
CVE-2017-0861
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10078
CVE-2017-10081
CVE-2017-10086
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10114
CVE-2017-10115
CVE-2017-10116
CVE-2017-10118
CVE-2017-10125
CVE-2017-10135
CVE-2017-10176
CVE-2017-10193
CVE-2017-10198
CVE-2017-10243
CVE-2017-12190
CVE-2017-13166
CVE-2017-15299
CVE-2017-16644
CVE-2017-16911
CVE-2017-16912
CVE-2017-16913
CVE-2017-16914
CVE-2017-18017
CVE-2017-18204
CVE-2017-18208
CVE-2017-18221
CVE-2017-2592
CVE-2018-1000199
CVE-2018-1066
CVE-2018-1068
CVE-2018-10853
CVE-2018-10876
CVE-2018-10877
CVE-2018-10878
CVE-2018-10879
CVE-2018-10880
CVE-2018-10881
CVE-2018-10882
CVE-2018-10883
CVE-2018-10902
CVE-2018-10940
CVE-2018-12896
CVE-2018-13093
CVE-2018-14617
CVE-2018-14634
CVE-2018-16276
CVE-2018-16658
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2018-5332
CVE-2018-5333
CVE-2018-6554
CVE-2018-6555
CVE-2018-6927
CVE-2018-7566
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
SUSE-SU-2016:2492-1
SUSE-SU-2017:0467-1
SUSE-SU-2017:1062-1
SUSE-SU-2017:1233-1
SUSE-SU-2017:2175-1
SUSE-SU-2017:3441-1
SUSE-SU-2018:0848-1
SUSE-SU-2018:1227-1
SUSE-SU-2018:2908-1
SUSE-SU-2019:0852-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • alsa-1.1.5-lp150.4 is installed
  • OR libasound2-1.1.5-lp150.4 is installed
  • OR libasound2-32bit-1.1.5-lp150.4 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libldap-2_4-2-2.4.46-lp151.10.3 is installed
  • OR libldap-2_4-2-32bit-2.4.46-lp151.10.3 is installed
  • OR libldap-data-2.4.46-lp151.10.3 is installed
  • OR openldap2-2.4.46-lp151.10.3 is installed
  • OR openldap2-back-meta-2.4.46-lp151.10.3 is installed
  • OR openldap2-back-perl-2.4.46-lp151.10.3 is installed
  • OR openldap2-back-sock-2.4.46-lp151.10.3 is installed
  • OR openldap2-back-sql-2.4.46-lp151.10.3 is installed
  • OR openldap2-client-2.4.46-lp151.10.3 is installed
  • OR openldap2-contrib-2.4.46-lp151.10.3 is installed
  • OR openldap2-devel-2.4.46-lp151.10.3 is installed
  • OR openldap2-devel-32bit-2.4.46-lp151.10.3 is installed
  • OR openldap2-devel-static-2.4.46-lp151.10.3 is installed
  • OR openldap2-doc-2.4.46-lp151.10.3 is installed
  • OR openldap2-ppolicy-check-password-1.2-lp151.10.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.144-27.5 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.144-27.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libhivex0-1.3.10-4 is installed
  • OR perl-Win-Hivex-1.3.10-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.104 is installed
  • OR kernel-default-base-3.12.74-60.64.104 is installed
  • OR kernel-default-devel-3.12.74-60.64.104 is installed
  • OR kernel-default-man-3.12.74-60.64.104 is installed
  • OR kernel-devel-3.12.74-60.64.104 is installed
  • OR kernel-macros-3.12.74-60.64.104 is installed
  • OR kernel-source-3.12.74-60.64.104 is installed
  • OR kernel-syms-3.12.74-60.64.104 is installed
  • OR kernel-xen-3.12.74-60.64.104 is installed
  • OR kernel-xen-base-3.12.74-60.64.104 is installed
  • OR kernel-xen-devel-3.12.74-60.64.104 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libltdl7-2.4.2-14 is installed
  • OR libltdl7-32bit-2.4.2-14 is installed
  • OR libtool-2.4.2-14 is installed
  • OR libtool-32bit-2.4.2-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • elfutils-0.158-6 is installed
  • OR libasm1-0.158-6 is installed
  • OR libasm1-32bit-0.158-6 is installed
  • OR libdw1-0.158-6 is installed
  • OR libdw1-32bit-0.158-6 is installed
  • OR libebl1-0.158-6 is installed
  • OR libebl1-32bit-0.158-6 is installed
  • OR libelf1-0.158-6 is installed
  • OR libelf1-32bit-0.158-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.21 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.21 is installed
  • OR python-2.7.13-28.21 is installed
  • OR python-32bit-2.7.13-28.21 is installed
  • OR python-base-2.7.13-28.21 is installed
  • OR python-base-32bit-2.7.13-28.21 is installed
  • OR python-curses-2.7.13-28.21 is installed
  • OR python-demo-2.7.13-28.21 is installed
  • OR python-doc-2.7.13-28.21 is installed
  • OR python-doc-pdf-2.7.13-28.21 is installed
  • OR python-gdbm-2.7.13-28.21 is installed
  • OR python-idle-2.7.13-28.21 is installed
  • OR python-tk-2.7.13-28.21 is installed
  • OR python-xml-2.7.13-28.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • glibc-2.22-15 is installed
  • OR glibc-32bit-2.22-15 is installed
  • OR glibc-devel-2.22-15 is installed
  • OR glibc-devel-32bit-2.22-15 is installed
  • OR glibc-html-2.22-15 is installed
  • OR glibc-i18ndata-2.22-15 is installed
  • OR glibc-info-2.22-15 is installed
  • OR glibc-locale-2.22-15 is installed
  • OR glibc-locale-32bit-2.22-15 is installed
  • OR glibc-profile-2.22-15 is installed
  • OR glibc-profile-32bit-2.22-15 is installed
  • OR nscd-2.22-15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-railties-4_2-4.2.2-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND python-oslo.middleware-3.19.0-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libseccomp-2.4.1-11.3 is installed
  • OR libseccomp2-2.4.1-11.3 is installed
  • OR libseccomp2-32bit-2.4.1-11.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libXvnc1-1.6.0-18.28 is installed
  • OR tigervnc-1.6.0-18.28 is installed
  • OR xorg-x11-Xvnc-1.6.0-18.28 is installed
    • BACK