Oval Definition:oval:org.opensuse.security:def:84241
Revision Date:2021-11-23Version:1
Title:Security update for java-1_8_0-openjdk (Important)
Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version OpenJDK 8u312 (October 2021 CPU): - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901). - CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910). - CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911). - CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912). - CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913). - CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909). - CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903). - CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904). - CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914). - CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905) - CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).
Family:unixClass:patch
Status:Reference(s):1191901
1191903
1191904
1191905
1191906
1191909
1191910
1191911
1191912
1191913
1191914
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35567
CVE-2021-35578
CVE-2021-35586
CVE-2021-35588
CVE-2021-35603
SUSE-SU-2021:3771-1
Platform(s):SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.312-27.66.1 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.312-27.66.1 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.312-27.66.1 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.312-27.66.1 is installed
  • BACK