Oval Definition:oval:org.opensuse.security:def:57588
Revision Date:2020-12-01Version:1
Title:Security update for java-1_7_0-openjdk (Important)
Description:



The OpenJDK Java java-1_7_0-openjdk was updated to 2.6.5 to fix the following issues:

Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) * Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency, which could be used by attackers to inject code. * Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses * Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell * Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of 'stap' executable is hard-coded - PR2893: test/tapset/jstaptest.pl should be executable - PR2894: Add missing test directory in make check. * CACAO - PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any' failed * AArch64 port - PR2852: Add support for large code cache - PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only. - S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter - S8131483, PR2852: aarch64: illegal stlxr instructions - S8133352, PR2852: aarch64: generates constrained unpredictable instructions - S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32 - S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation - S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0 - S8138575, PR2852: Improve generated code for profile counters - S8138641, PR2852: Disable C2 peephole by default for aarch64 - S8138966, PR2852: Intermittent SEGV running ParallelGC - S8143067, PR2852: aarch64: guarantee failure in javac - S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved - S8143584, PR2852: Load constant pool tag and class status with load acquire - S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with --enable-unlimited-crypto - S8144582, PR2852: AArch64 does not generate correct branch profile data - S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base - S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject - S8148240, PR2852: aarch64: random infrequent null pointer exceptions in javac * PPC & AIX port - S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280 - S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call - S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12
Family:unixClass:patch
Status:Reference(s):1007255
1032647
1036789
1052009
1053153
1064069
1064070
1064071
1064072
1064073
1064075
1064077
1064078
1064079
1064080
1064081
1064082
1064083
1064084
1064085
1064086
1069708
1090036
1090338
1096740
1098369
1119947
1146358
1146359
1160398
1160467
1160468
1169511
972468
CVE-2008-4989
CVE-2010-2761
CVE-2010-4410
CVE-2010-4411
CVE-2010-4777
CVE-2011-4128
CVE-2012-0390
CVE-2012-1569
CVE-2012-1573
CVE-2012-4510
CVE-2013-1571
CVE-2014-0092
CVE-2014-1959
CVE-2014-3466
CVE-2014-8564
CVE-2015-0294
CVE-2015-2059
CVE-2015-3622
CVE-2015-6251
CVE-2015-8853
CVE-2015-8948
CVE-2016-0636
CVE-2016-10165
CVE-2016-1238
CVE-2016-2381
CVE-2016-6185
CVE-2016-6261
CVE-2016-6262
CVE-2016-6263
CVE-2016-9082
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
CVE-2017-10274
CVE-2017-10281
CVE-2017-10285
CVE-2017-10295
CVE-2017-10345
CVE-2017-10346
CVE-2017-10347
CVE-2017-10348
CVE-2017-10349
CVE-2017-10350
CVE-2017-10355
CVE-2017-10356
CVE-2017-10357
CVE-2017-10388
CVE-2017-10661
CVE-2017-16939
CVE-2017-7475
CVE-2018-1000199
CVE-2018-16884
CVE-2018-3665
CVE-2018-3760
CVE-2019-14896
CVE-2019-14897
CVE-2019-8675
CVE-2019-8696
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2773
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
SUSE-SU-2016:0956-1
SUSE-SU-2017:1671-1
SUSE-SU-2017:2989-1
SUSE-SU-2017:3320-1
SUSE-SU-2018:1223-1
SUSE-SU-2018:1945-1
SUSE-SU-2018:2217-1
SUSE-SU-2019:3057-1
SUSE-SU-2020:0204-1
SUSE-SU-2020:1686-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libass9-0.14.0-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • qbittorrent-4.1.5-lp151.2.3 is installed
  • OR qbittorrent-nox-4.1.5-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.99-0.20 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.99-0.20 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.99-0.20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_54-default-5-2 is installed
  • OR kgraft-patch-3_12_74-60_64_54-xen-5-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_19-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ant-1.9.4-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • perl-5.18.2-12.14 is installed
  • OR perl-32bit-5.18.2-12.14 is installed
  • OR perl-base-5.18.2-12.14 is installed
  • OR perl-doc-5.18.2-12.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bzip2-1.0.6-29 is installed
  • OR bzip2-doc-1.0.6-29 is installed
  • OR libbz2-1-1.0.6-29 is installed
  • OR libbz2-1-32bit-1.0.6-29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • wicked-0.6.60-38.27 is installed
  • OR wicked-service-0.6.60-38.27 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_64-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_20-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libwireshark9-2.4.13-48.42 is installed
  • OR libwiretap7-2.4.13-48.42 is installed
  • OR libwscodecs1-2.4.13-48.42 is installed
  • OR libwsutil8-2.4.13-48.42 is installed
  • OR wireshark-2.4.13-48.42 is installed
  • OR wireshark-gtk-2.4.13-48.42 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • guile-2.0.9-8 is installed
  • OR guile-modules-2_0-2.0.9-8 is installed
  • OR libguile-2_0-22-2.0.9-8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ruby2.1-rubygem-sprockets-2_12-2.12.5-1.3 is installed
  • OR rubygem-sprockets-2_12-2.12.5-1.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-68.8.0-109.119 is installed
  • OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
  • BACK