Oval Definition:	oval:org.opensuse.security:def:57533
Revision Date: 2021-11-24 Version: 1 Title: Security update for java-1_7_0-openjdk (Important) Description: This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906). Family: unix Class: patch Status: Reference(s): 1002981 1005480 1005893 1006221 1010735 1010740 1010752 1010754 1010911 1016366 1016368 1016369 1016370 1021739 1025913 1026507 1027692 1027998 1033936 1033937 1033938 1033939 1033940 1033941 1033942 1033943 1033944 1033945 1085687 1092100 1121753 1122292 1122293 1122299 1124211 1128158 1133719 1138301 1138303 1141493 1151021 1167240 1191901 1191905 1191906 1191909 1191910 1191911 1191912 1191913 1191914 815451 821669 953516 953521 990856 998761 998762 998763 998800 998963 998964 CVE-2009-0696 CVE-2009-4022 CVE-2010-2074 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2011-0414 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-4313 CVE-2012-1667 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-4929 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-1987 CVE-2013-2266 CVE-2013-4854 CVE-2014-0591 CVE-2014-3065 CVE-2014-3566 CVE-2014-3970 CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6466 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 CVE-2014-8500 CVE-2014-8891 CVE-2014-8892 CVE-2014-9756 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0486 CVE-2015-0488 CVE-2015-0491 CVE-2015-1349 CVE-2015-1931 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2619 CVE-2015-2621 CVE-2015-2625 CVE-2015-2632 CVE-2015-2637 CVE-2015-2638 CVE-2015-2664 CVE-2015-2808 CVE-2015-4000 CVE-2015-4620 CVE-2015-4729 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-5041 CVE-2015-5477 CVE-2015-5722 CVE-2015-7575 CVE-2015-7805 CVE-2015-8000 CVE-2015-8126 CVE-2015-8472 CVE-2015-8704 CVE-2016-0264 CVE-2016-0363 CVE-2016-0376 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-0686 CVE-2016-0687 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-1285 CVE-2016-1286 CVE-2016-2776 CVE-2016-3422 CVE-2016-3426 CVE-2016-3427 CVE-2016-3443 CVE-2016-3449 CVE-2016-6354 CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 CVE-2016-8858 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 CVE-2017-12652 CVE-2017-5596 CVE-2017-5597 CVE-2017-6014 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 CVE-2017-7745 CVE-2017-7746 CVE-2017-7747 CVE-2017-7748 CVE-2018-11212 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-1890 CVE-2018-5146 CVE-2019-10161 CVE-2019-10167 CVE-2019-14835 CVE-2019-2422 CVE-2019-2449 CVE-2019-7317 CVE-2020-5267 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 SUSE-SU-2015:1979-1 SUSE-SU-2017:0264-1 SUSE-SU-2017:1442-1 SUSE-SU-2018:0784-1 SUSE-SU-2019:0450-1 SUSE-SU-2019:0617-1 SUSE-SU-2019:2105-1 SUSE-SU-2019:2613-1 SUSE-SU-2019:3060-2 SUSE-SU-2020:0954-1 SUSE-SU-2021:3797-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND hardlink-1.0+git.e66999f-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libecpg6-10.9-lp151.2.3 is installed OR libecpg6-32bit-10.9-lp151.2.3 is installed OR libpq5-10.9-lp151.2.3 is installed OR libpq5-32bit-10.9-lp151.2.3 is installed OR postgresql10-10.9-lp151.2.3 is installed OR postgresql10-contrib-10.9-lp151.2.3 is installed OR postgresql10-devel-10.9-lp151.2.3 is installed OR postgresql10-docs-10.9-lp151.2.3 is installed OR postgresql10-plperl-10.9-lp151.2.3 is installed OR postgresql10-plpython-10.9-lp151.2.3 is installed OR postgresql10-pltcl-10.9-lp151.2.3 is installed OR postgresql10-server-10.9-lp151.2.3 is installed OR postgresql10-test-10.9-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information xorg-x11-libXrender-7.4-1.16 is installed OR xorg-x11-libXrender-32bit-7.4-1.16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libsndfile-1.0.20-2.10 is installed OR libsndfile-32bit-1.0.20-2.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libprocps3-3.3.9-11.18 is installed OR procps-3.3.9-11.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information bind-9.9.9P1-46 is installed OR bind-chrootenv-9.9.9P1-46 is installed OR bind-doc-9.9.9P1-46 is installed OR bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information jakarta-commons-fileupload-1.1.1-122.3 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.61 is installed OR libvirt-client-2.0.0-27.61 is installed OR libvirt-daemon-2.0.0-27.61 is installed OR libvirt-daemon-config-network-2.0.0-27.61 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.61 is installed OR libvirt-daemon-driver-interface-2.0.0-27.61 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.61 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.61 is installed OR libvirt-daemon-driver-network-2.0.0-27.61 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.61 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.61 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.61 is installed OR libvirt-daemon-driver-secret-2.0.0-27.61 is installed OR libvirt-daemon-driver-storage-2.0.0-27.61 is installed OR libvirt-daemon-hooks-2.0.0-27.61 is installed OR libvirt-daemon-lxc-2.0.0-27.61 is installed OR libvirt-daemon-qemu-2.0.0-27.61 is installed OR libvirt-daemon-xen-2.0.0-27.61 is installed OR libvirt-doc-2.0.0-27.61 is installed OR libvirt-lock-sanlock-2.0.0-27.61 is installed OR libvirt-nss-2.0.0-27.61 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_0-openjdk-1.7.0.321-43.53.2 is installed OR java-1_7_0-openjdk-demo-1.7.0.321-43.53.2 is installed OR java-1_7_0-openjdk-devel-1.7.0.321-43.53.2 is installed OR java-1_7_0-openjdk-headless-1.7.0.321-43.53.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20200602-13.68 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython3_4m1_0-3.4.6-25.34 is installed OR python3-3.4.6-25.34 is installed OR python3-base-3.4.6-25.34 is installed OR python3-curses-3.4.6-25.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.30-30.46 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed
BACK