Revision Date: | 2021-11-24 | Version: | 1 |
Title: | Security update for java-1_7_0-openjdk (Important) |
Description: |
This update for java-1_7_0-openjdk fixes the following issues:
Update to OpenJDK 7u321 (October 2021 CPU):
- CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1191901 1191905 1191906 1191909 1191910 1191911 1191912 1191913 1191914 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603
|
Platform(s): | SUSE Linux Enterprise Server 12 SP2-LTSS-SAP
| Product(s): | |