Oval Definition:	oval:org.opensuse.security:def:56735
Revision Date: 2020-12-01 Version: 1 Title: Security update for java-1_7_0-openjdk (Important) Description: This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084). - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO (bsc#1064071). - CVE-2017-10281: Fix issue inside subcomponent Serialization (bsc#1064072). - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073). - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075). - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086). - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078). - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082). - CVE-2017-10347: Fix issue inside subcomponent Serialization (bsc#1064079). - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081). - CVE-2017-10345: Fix issue inside subcomponent Serialization (bsc#1064077). - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080). - CVE-2017-10357: Fix issue inside subcomponent Serialization (bsc#1064085). - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083). - CVE-2017-10102: Fix incorrect handling of references in DGC (bsc#1049316). - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader (bsc#1049305). - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest (bsc#1049306). - CVE-2017-10081: Fix incorrect bracket processing in function signature handling (bsc#1049309). - CVE-2017-10087: Fix insufficient access control checks in ThreadPoolExecutor (bsc#1049311). - CVE-2017-10089: Fix insufficient access control checks in ServiceRegistry (bsc#1049312). - CVE-2017-10090: Fix insufficient access control checks in AsynchronousChannelGroupImpl (bsc#1049313). - CVE-2017-10096: Fix insufficient access control checks in XML transformations (bsc#1049314). - CVE-2017-10101: Fix unrestricted access to com.sun.org.apache.xml.internal.resolver (bsc#1049315). - CVE-2017-10107: Fix insufficient access control checks in ActivationID (bsc#1049318). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10110: Fix insufficient access control checks in ImageWatched (bsc#1049321). - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute deserialization (bsc#1049319). - CVE-2017-10109: Fix unbounded memory allocation in CodeSource deserialization (bsc#1049320). - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE (bsc#1049324). - CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326). - CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL (bsc#1049325). - CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328). - CVE-2017-10176: Fix incorrect handling of certain EC points (bsc#1049329). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322). - CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS (bsc#1049332). - CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment (bsc#1049327). - CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX (bsc#1049323). - CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment (bsc#1049317). - CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310). - CVE-2017-10198: Fix incorrect enforcement of certificate path restrictions (bsc#1049331). - CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330). Bug fixes: - Drop Exec Shield workaround to fix crashes on recent kernels, where Exec Shield is gone (bsc#1052318). Family: unix Class: patch Status: Reference(s): 1004455 1006796 1007600 1011057 1013496 1013708 1013712 1013721 1013732 1013877 1013893 1015171 1015173 1024200 1026652 1049305 1049306 1049307 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1052311 1052318 1052368 1057342 1064071 1064072 1064073 1064075 1064077 1064078 1064079 1064080 1064081 1064082 1064083 1064084 1064085 1064086 1121571 1121816 1121818 1121821 1125815 1132174 1132323 1154824 1155419 1156353 1160471 1164871 1170441 1171098 1171195 1171202 1171218 1171219 1171252 1171254 1171689 1171698 1172221 1172317 1172466 770619 913727 938593 941384 954210 971031 978424 985110 990856 994598 CVE-2012-0035 CVE-2014-0467 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-9116 CVE-2015-5191 CVE-2015-8079 CVE-2016-10165 CVE-2016-10745 CVE-2016-6354 CVE-2016-7837 CVE-2016-9797 CVE-2016-9798 CVE-2016-9800 CVE-2016-9801 CVE-2016-9802 CVE-2016-9804 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2016-9917 CVE-2016-9918 CVE-2017-1000112 CVE-2017-1000250 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2018-20685 CVE-2019-10906 CVE-2019-15681 CVE-2019-15690 CVE-2019-20788 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-8341 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10757 CVE-2020-12114 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12656 SUSE-SU-2016:0953-1 SUSE-SU-2016:2397-1 SUSE-SU-2016:2871-1 SUSE-SU-2017:0701-1 SUSE-SU-2017:2438-1 SUSE-SU-2018:0005-1 SUSE-SU-2019:0125-1 SUSE-SU-2019:1339-1 SUSE-SU-2019:1554-1 SUSE-SU-2020:1165-1 SUSE-SU-2020:1475-1 SUSE-SU-2020:1595-1 SUSE-SU-2020:1597-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dracut-044.1-lp150.13 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libIlmImf-2_2-23-2.2.1-lp151.4.6 is installed OR libIlmImf-2_2-23-32bit-2.2.1-lp151.4.6 is installed OR libIlmImfUtil-2_2-23-2.2.1-lp151.4.6 is installed OR libIlmImfUtil-2_2-23-32bit-2.2.1-lp151.4.6 is installed OR openexr-2.2.1-lp151.4.6 is installed OR openexr-devel-2.2.1-lp151.4.6 is installed OR openexr-doc-2.2.1-lp151.4.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information java-1_7_0-openjdk-1.7.0.161-43.7 is installed OR java-1_7_0-openjdk-headless-1.7.0.161-43.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information at-3.1.14-7 is installed OR cyrus-imapd-2.3.18-40 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR kdelibs4-4.12.0-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed OR openslp-2.0.0-11 is installed OR openslp-32bit-2.0.0-11 is installed OR openslp-server-2.0.0-11 is installed OR perl-Cyrus-IMAP-2.3.18-40 is installed OR perl-Cyrus-SIEVE-managesieve-2.3.18-40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-11-2 is installed OR kgraft-patch-3_12_62-60_64_8-xen-11-2 is installed OR kgraft-patch-SLE12-SP1_Update_8-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information emacs-24.3-16 is installed OR emacs-el-24.3-16 is installed OR emacs-info-24.3-16 is installed OR emacs-nox-24.3-16 is installed OR emacs-x11-24.3-16 is installed OR etags-24.3-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information emacs-24.3-19 is installed OR emacs-el-24.3-19 is installed OR emacs-info-24.3-19 is installed OR emacs-nox-24.3-19 is installed OR emacs-x11-24.3-19 is installed OR etags-24.3-19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.52-23.34 is installed OR ghostscript-x11-9.52-23.34 is installed OR libspectre-0.2.7-12.10 is installed OR libspectre1-0.2.7-12.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXv1-1.0.10-7 is installed OR libXv1-32bit-1.0.10-7 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information bluez-5.13-3.10 is installed OR libbluetooth3-5.13-3.10 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-Jinja2-2.8-22.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-ipaddress-1.0.18-3.13 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-core-branding-upstream-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-ha-6.0+git.1574286261.6fd1a34-3.13 is installed OR crowbar-openstack-6.0+git.1580922461.67fb3c087-3.19 is installed OR crowbar-ui-1.3.0+git.1575896697.a01a3a08-17 is installed OR keepalived-2.0.19-3.3 is installed OR openstack-barbican-7.0.1~dev24-3.6 is installed OR openstack-barbican-api-7.0.1~dev24-3.6 is installed OR openstack-barbican-keystone-listener-7.0.1~dev24-3.6 is installed OR openstack-barbican-retry-7.0.1~dev24-3.6 is installed OR openstack-barbican-worker-7.0.1~dev24-3.6 is installed OR openstack-ceilometer-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-central-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-polling-11.0.2~dev21-3.10 is installed OR openstack-cinder-13.0.9~dev11-3.16 is installed OR openstack-cinder-api-13.0.9~dev11-3.16 is installed OR openstack-cinder-backup-13.0.9~dev11-3.16 is installed OR openstack-cinder-scheduler-13.0.9~dev11-3.16 is installed OR openstack-cinder-volume-13.0.9~dev11-3.16 is installed OR openstack-dashboard-14.1.1~dev1-3.12 is installed OR openstack-dashboard-theme-SUSE-2018.2+git.1555335229.5c8dec9-3.3 is installed OR openstack-designate-7.0.1~dev23-3.13 is installed OR openstack-designate-agent-7.0.1~dev23-3.13 is installed OR openstack-designate-api-7.0.1~dev23-3.13 is installed OR openstack-designate-central-7.0.1~dev23-3.13 is installed OR openstack-designate-producer-7.0.1~dev23-3.13 is installed OR openstack-designate-sink-7.0.1~dev23-3.13 is installed OR openstack-designate-worker-7.0.1~dev23-3.13 is installed OR openstack-heat-11.0.3~dev31-3.13 is installed OR openstack-heat-api-11.0.3~dev31-3.13 is installed OR openstack-heat-api-cfn-11.0.3~dev31-3.13 is installed OR openstack-heat-engine-11.0.3~dev31-3.13 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev31-3.13 is installed OR openstack-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR openstack-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR openstack-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR openstack-ironic-11.1.4~dev22-3.13 is installed OR openstack-ironic-api-11.1.4~dev22-3.13 is installed OR openstack-ironic-conductor-11.1.4~dev22-3.13 is installed OR openstack-ironic-python-agent-3.3.3~dev6-3.13 is installed OR openstack-keystone-14.1.1~dev36-3.19 is installed OR openstack-magnum-7.2.1~dev1-3.10 is installed OR openstack-magnum-api-7.2.1~dev1-3.10 is installed OR openstack-magnum-conductor-7.2.1~dev1-3.10 is installed OR openstack-monasca-agent-2.8.1~dev13-3.6 is installed OR openstack-neutron-13.0.7~dev48-3.19 is installed OR openstack-neutron-dhcp-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-fwaas-13.0.3~dev4-3.9 is installed OR openstack-neutron-gbp-5.0.1~dev491-3.16 is installed OR openstack-neutron-ha-tool-13.0.7~dev48-3.19 is installed OR openstack-neutron-l3-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-linuxbridge-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-macvtap-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metadata-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metering-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-openvswitch-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-server-13.0.7~dev48-3.19 is installed OR openstack-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR openstack-neutron-vyatta-agent-13.0.2~dev6-3.6 is installed OR openstack-nova-18.2.4~dev63-3.19 is installed OR openstack-nova-api-18.2.4~dev63-3.19 is installed OR openstack-nova-cells-18.2.4~dev63-3.19 is installed OR openstack-nova-compute-18.2.4~dev63-3.19 is installed OR openstack-nova-conductor-18.2.4~dev63-3.19 is installed OR openstack-nova-console-18.2.4~dev63-3.19 is installed OR openstack-nova-novncproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-placement-api-18.2.4~dev63-3.19 is installed OR openstack-nova-scheduler-18.2.4~dev63-3.19 is installed OR openstack-nova-serialproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-vncproxy-18.2.4~dev63-3.19 is installed OR openstack-octavia-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-agent-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-image-0.1.2-7.6 is installed OR openstack-octavia-amphora-image-x86_64-0.1.2-7.6 is installed OR openstack-octavia-api-3.2.2~dev8-3.19 is installed OR openstack-octavia-health-manager-3.2.2~dev8-3.19 is installed OR openstack-octavia-housekeeping-3.2.2~dev8-3.19 is installed OR openstack-octavia-worker-3.2.2~dev8-3.19 is installed OR openstack-sahara-9.0.2~dev15-3.9 is installed OR openstack-sahara-api-9.0.2~dev15-3.9 is installed OR openstack-sahara-engine-9.0.2~dev15-3.9 is installed OR openstack-swift-2.19.2~dev48-3.3 is installed OR openstack-swift-account-2.19.2~dev48-3.3 is installed OR openstack-swift-container-2.19.2~dev48-3.3 is installed OR openstack-swift-object-2.19.2~dev48-3.3 is installed OR openstack-swift-proxy-2.19.2~dev48-3.3 is installed OR python-amqp-2.4.2-4.3 is installed OR python-barbican-7.0.1~dev24-3.6 is installed OR python-ceilometer-11.0.2~dev21-3.10 is installed OR python-cinder-13.0.9~dev11-3.16 is installed OR python-designate-7.0.1~dev23-3.13 is installed OR python-heat-11.0.3~dev31-3.13 is installed OR python-horizon-14.1.1~dev1-3.12 is installed OR python-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR python-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR python-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR python-ironic-11.1.4~dev22-3.13 is installed OR python-ironic-lib-2.14.2-3.3 is installed OR python-keystone-14.1.1~dev36-3.19 is installed OR python-keystoneauth1-3.10.1~dev10-3.3 is installed OR python-keystoneclient-3.17.1~dev5-3.3 is installed OR python-keystoneclient-doc-3.17.1~dev5-3.3 is installed OR python-keystonemiddleware-5.2.2~dev3-14 is installed OR python-magnum-7.2.1~dev1-3.10 is installed OR python-monasca-agent-2.8.1~dev13-3.6 is installed OR python-neutron-13.0.7~dev48-3.19 is installed OR python-neutron-fwaas-13.0.3~dev4-3.9 is installed OR python-neutron-gbp-5.0.1~dev491-3.16 is installed OR python-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR python-nova-18.2.4~dev63-3.19 is installed OR python-octavia-3.2.2~dev8-3.19 is installed OR python-openstack_auth-14.1.1~dev1-3.12 is installed OR python-ovs-2.9.0-3.3 is installed OR python-sahara-9.0.2~dev15-3.9 is installed OR python-swift-2.19.2~dev48-3.3 is installed OR ruby2.1-rubygem-crowbar-client-3.9.1-3.3 is installed OR ruby2.1-rubygem-puma-2.16.0-4.3 is installed OR rubygem-crowbar-client-3.9.1-3.3 is installed OR rubygem-puma-2.16.0-4.3 is installed OR supportutils-plugin-suse-openstack-cloud-9.0.1574431436.987b47d-3.6 is installed
BACK