Oval Definition:oval:org.opensuse.security:def:69757
Revision Date:2021-11-23Version:1
Title:Security update for java-1_8_0-openjdk (Important)
Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version OpenJDK 8u312 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903). - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).
Family:unixClass:patch
Status:Reference(s):1191901
1191903
1191904
1191905
1191906
1191909
1191910
1191911
1191912
1191913
1191914
CVE-2009-5029
CVE-2009-5064
CVE-2010-3192
CVE-2012-3406
CVE-2012-4412
CVE-2013-0242
CVE-2013-1914
CVE-2013-2207
CVE-2013-4237
CVE-2013-4332
CVE-2013-4458
CVE-2013-7423
CVE-2014-0475
CVE-2014-4043
CVE-2014-5119
CVE-2014-6040
CVE-2014-7817
CVE-2014-8121
CVE-2014-9402
CVE-2014-9761
CVE-2015-1472
CVE-2015-1473
CVE-2015-1781
CVE-2015-5180
CVE-2015-7547
CVE-2015-8776
CVE-2015-8777
CVE-2015-8778
CVE-2015-8779
CVE-2016-1234
CVE-2016-3075
CVE-2016-3706
CVE-2016-4429
CVE-2016-5417
CVE-2016-6323
CVE-2017-1000366
CVE-2017-1000408
CVE-2017-1000409
CVE-2017-12132
CVE-2017-12133
CVE-2017-15670
CVE-2017-15671
CVE-2017-15804
CVE-2017-16997
CVE-2017-17426
CVE-2017-18269
CVE-2018-1000001
CVE-2018-11236
CVE-2018-11237
CVE-2018-15120
CVE-2018-6485
CVE-2018-6551
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35567
CVE-2021-35578
CVE-2021-35586
CVE-2021-35588
CVE-2021-35603
SUSE-SU-2021:3770-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP1-BCL
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND glibc-locale-32bit-2.26-13.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP1-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.312-3.58.2 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.312-3.58.2 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.312-3.58.2 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.312-3.58.2 is installed
    • BACK