Oval Definition:oval:org.opensuse.security:def:69616
Revision Date:2022-01-04Version:1
Title:Security update for java-1_8_0-ibm (Important) (in QA)
Description:

This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 7 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. (bsc#1194198, bsc#1192052) - CVE-2021-35586: Excessive memory allocation in BMPImageReader. (bsc#1191914) - CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. (bsc#1191913) - CVE-2021-35559: Excessive memory allocation in RTFReader. (bsc#1191911) - CVE-2021-35556: Excessive memory allocation in RTFParser. (bsc#1191910) - CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. (bsc#1191909) - CVE-2021-35588: Incomplete validation of inner class references in ClassFileParser. (bsc#1191905) - CVE-2021-2341: Fixed a flaw inside the FtpClient. (bsc#1188564) - CVE-2021-2369: JAR file handling problem containing multiple MANIFEST.MF files. (bsc#1188565) - CVE-2021-2163: Incomplete enforcement of JAR signing disabled algorithms. (bsc#1185055) - CVE-2021-35560: Fixed a vulnerability in the component Deployment. (bsc#1191902) - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake. (bsc#1191904)

This patch is currently in QA and not yet available for download.
Family:unixClass:patch
Status:Reference(s):1051510
1054914
1055117
1061840
1065600
1065729
1071995
1082555
1104967
1109158
1111666
1113722
1114279
1119086
1123034
1127988
1131304
1137069
1137865
1137959
1137982
1140155
1141013
1142076
1142635
1146042
1146519
1146540
1146664
1148133
1148712
1148868
1149313
1149446
1149555
1149651
1150305
1150381
1150423
1150846
1151067
1151192
1151350
1151610
1151661
1151662
1151667
1151680
1151891
1151955
1152024
1152025
1152026
1152161
1152187
1152243
1152325
1152457
1152460
1152466
1152525
1152972
1152974
1152975
1185055
1188564
1188565
1191902
1191904
1191905
1191909
1191910
1191911
1191913
1191914
1192052
1194198
1194232
CVE-2013-0221
CVE-2013-0222
CVE-2013-0223
CVE-2015-4041
CVE-2015-4042
CVE-2017-18595
CVE-2017-7476
CVE-2019-14821
CVE-2019-15291
CVE-2019-9506
CVE-2021-2163
CVE-2021-2341
CVE-2021-2369
CVE-2021-35556
CVE-2021-35559
CVE-2021-35560
CVE-2021-35564
CVE-2021-35565
CVE-2021-35578
CVE-2021-35586
CVE-2021-35588
CVE-2021-41035
SUSE-SU-2019:2710-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • coreutils-8.29-2 is installed
  • OR coreutils-lang-8.29-2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND
  • java-1_8_0-ibm-1.8.0_sr7.0-3.53.1 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr7.0-3.53.1 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr7.0-3.53.1 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr7.0-3.53.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND
  • java-1_8_0-ibm-1.8.0_sr7.0-3.53.1 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr7.0-3.53.1 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr7.0-3.53.1 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr7.0-3.53.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.21 is installed
  • OR kernel-default-extra-4.12.14-197.21 is installed
    • BACK