Oval Definition:oval:org.opensuse.security:def:85568
Revision Date:2020-04-07Version:1
Title:Security update for java-1_7_1-ibm (Important)
Description:

This update for java-1_7_1-ibm fixes the following issues:

Java was updated to 7.1 Service Refresh 4 Fix Pack 60 [bsc#1162972, bsc#1160968].

Security issues fixed:

- CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport (bsc#1162972). - CVE-2020-2593: Fixed an incorrect check in isBuiltinStreamHandler, causing URL normalization issues (bsc#1162972). - CVE-2020-2604: Fixed a serialization issue in jdk.serialFilter (bsc#1162972). - CVE-2020-2659: Fixed the incomplete enforcement of the maxDatagramSockets limit in DatagramChannelImpl (bsc#1162972).

Non-security issues fixed:

Class Libraries: IJ22333 HANG IN JAVA_JAVA_NET_SOCKETINPUTSTREAM_SOCKETREAD0 EVEN WHEN TIMEOUT IS SET IJ22350 JAVA 7 AND JAVA 8 NOT WORKING WELL WITH TRADITIONAL/SIMPLIFIED CHINESE EDITION OF WINDOWS CLIENT SYSTEM IJ22337 THE NAME OF THE REPUBLIC OF BELARUS IN THE RUSSIAN LOCALE INCONSISTENT WITH CLDR IJ22349 UPDATE TIMEZONE INFORMATION TO TZDATA2019C * JIT Compiler: IJ11368 JAVA JIT PPC: CRASH IN JIT COMPILED CODE ON PPC MACHINES
Family:unixClass:patch
Status:Reference(s):1160968
1162972
CVE-2020-2583
CVE-2020-2593
CVE-2020-2604
CVE-2020-2659
SUSE-SU-2020:0456-1
Platform(s):SUSE Linux Enterprise Server 12 SP3-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.60-38.47.1 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.60-38.47.1 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.60-38.47.1 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.60-38.47.1 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.60-38.47.1 is installed
  • BACK