Oval Definition:oval:org.opensuse.security:def:83480
Revision Date:2021-11-24Version:1
Title:Security update for java-1_7_0-openjdk (Important)
Description:

This update for java-1_7_0-openjdk fixes the following issues:



Update to OpenJDK 7u321 (October 2021 CPU):

- CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).
Family:unixClass:patch
Status:Reference(s):1191901
1191905
1191906
1191909
1191910
1191911
1191912
1191913
1191914
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35586
CVE-2021-35588
CVE-2021-35603
Platform(s):SUSE Linux Enterprise Server 12 SP2-LTSS-SAP
Product(s):
BACK