Oval Definition:oval:org.opensuse.security:def:67326
Revision Date:2021-11-23Version:1
Title:Security update for java-1_8_0-openjdk (Important)
Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version OpenJDK 8u312 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903). - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).
Family:unixClass:patch
Status:Reference(s):1160790
1161088
1161089
1161670
1165548
1168554
1172177
1172182
1172184
1172186
1173351
1191901
1191903
1191904
1191905
1191906
1191909
1191910
1191911
1191912
1191913
1191914
CVE-2019-16770
CVE-2019-16785
CVE-2019-16786
CVE-2019-16789
CVE-2019-16792
CVE-2019-5418
CVE-2019-5419
CVE-2019-5420
CVE-2020-11076
CVE-2020-11077
CVE-2020-15169
CVE-2020-5247
CVE-2020-5249
CVE-2020-5267
CVE-2020-8164
CVE-2020-8165
CVE-2020-8166
CVE-2020-8167
CVE-2020-8184
CVE-2020-8185
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35567
CVE-2021-35578
CVE-2021-35586
CVE-2021-35588
CVE-2021-35603
SUSE-SU-2020:3036-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
SUSE Linux Enterprise Module for Public Cloud 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • python-waitress-1.4.3-3.3 is installed
  • OR python2-waitress-1.4.3-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed
  • AND Package Information
  • rmt-server-2.6.5-3.3 is installed
  • OR rmt-server-pubcloud-2.6.5-3.3 is installed
    • BACK