Oval Definition:oval:org.opensuse.security:def:69562
Revision Date:2021-11-23Version:1
Title:Security update for java-1_8_0-openjdk (Important)
Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version OpenJDK 8u312 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903). - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).
Family:unixClass:patch
Status:Reference(s):1051510
1055117
1071995
1083647
1083710
1102247
1103991
1103992
1104745
1109837
1111666
1112374
1119222
1123080
1127034
1127315
1127611
1129770
1130972
1133021
1134090
1134097
1134390
1134399
1135335
1135642
1136217
1136342
1136460
1136461
1136462
1136467
1137458
1137534
1137535
1137584
1137609
1137811
1137827
1138874
1139358
1139619
1140133
1140139
1140322
1140559
1140652
1140676
1140903
1140945
1140948
1141312
1141401
1141402
1141452
1141453
1141454
1141478
1141558
1142023
1142052
1142083
1142112
1142115
1142119
1142220
1142221
1142254
1142350
1142351
1142354
1142359
1142450
1142623
1142673
1142701
1142868
1143003
1143045
1143105
1143185
1143189
1143191
1143209
1143507
1159973
1191901
1191903
1191904
1191905
1191906
1191909
1191910
1191911
1191912
1191913
1191914
CVE-2018-20855
CVE-2019-1125
CVE-2019-11810
CVE-2019-13631
CVE-2019-13648
CVE-2019-14283
CVE-2019-14284
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35567
CVE-2021-35578
CVE-2021-35586
CVE-2021-35588
CVE-2021-35603
SUSE-SU-2019:2073-1
SUSE-SU-2020:0413-1
SUSE-SU-2021:3770-1
Platform(s):SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-197.15 is installed
  • OR dlm-kmp-default-4.12.14-197.15 is installed
  • OR gfs2-kmp-default-4.12.14-197.15 is installed
  • OR kernel-default-4.12.14-197.15 is installed
  • OR ocfs2-kmp-default-4.12.14-197.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.312-3.58.2 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.312-3.58.2 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.312-3.58.2 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.312-3.58.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND enigmail-2.1.5-3.22 is installed
    • BACK