Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

openSUSE 13.1: SUSE-SU-2016:0272-1 Important Java7 Security Update

opensuse
Calendar Grey January 28, 2016
Dist Opensuse Esm H88
Java 7 security patch resolves 9 flaws in openSUSE 13.1. Ensure your system's safety by applying the newest updates.
An update that fixes 9 vulnerabilities is now available

Description

Update OpenJDK to 7u95 / IcedTea 2.6.4 including the following fixes:

* Security fixes

- S8059054, CVE-2016-0402: Better URL processing

- S8130710, CVE-2016-0448: Better attributes processing

- S8132210: Reinforce JMX collector internals

- S8132988: Better printing dialogues

- S8133962, CVE-2016-0466: More general limits

- S8137060: JMX memory management improvements

- S8139012: Better font substitutions

- S8139017, CVE-2016-0483: More stable image decoding

- S8140543, CVE-2016-0494: Arrange font actions

- S8143185: Cleanup for handling proxies

- S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays

- S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH)

- S8142882, CVE-2015-4871: rebinding of the receiver of a

DirectMethodHandle may allow a protected method to be accessed

* Import of OpenJDK 7 u95 build 0

- S7167988: PKIX CertPathBuilder in...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue update important Java openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch 2016-110=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 13.1 (i586 x86_64):

java-1_7_0-openjdk-1.7.0.95-24.27.1

java-1_7_0-openjdk-accessibility-1.7.0.95-24.27.1

java-1_7_0-openjdk-debuginfo-1.7.0.95-24.27.1

java-1_7_0-openjdk-debugsource-1.7.0.95-24.27.1

java-1_7_0-openjdk-demo-1.7.0.95-24.27.1

java-1_7_0-openjdk-demo-debuginfo-1.7.0.95-24.27.1

java-1_7_0-openjdk-devel-1.7.0.95-24.27.1

java-1_7_0-openjdk-devel-debuginfo-1.7.0.95-24.27.1

java-1_7_0-openjdk-headless-1.7.0.95-24.27.1

java-1_7_0-openjdk-headless-debuginfo-1.7.0.95-24.27.1

java-1_7_0-openjdk-src-1.7.0.95-24.27.1

- openSUSE 13.1 (noarch):

java-1_7_0-openjdk-javadoc-1.7.0.95-24.27.1

References

https://www.suse.com/security/cve/CVE-2015-4871.html

https://www.suse.com/security/cve/CVE-2015-7575.html

https://www.suse.com/security/cve/CVE-2015-8126.html

https://www.suse.com/security/cve/CVE-2015-8472.html

https://www.suse.com/security/cve/CVE-2016-0402.html

https://www.suse.com/security/cve/CVE-2016-0448.html

https://www.suse.com/security/cve/CVE-2016-0466.html

https://www.suse.com/security/cve/CVE-2016-0483.html

https://www.suse.com/security/cve/CVE-2016-0494.html

https://bugzilla.suse.com/show_bug.cgi?id=939523

https://bugzilla.suse.com/show_bug.cgi?id=962743

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:0272-1
Rating: important
Affected Products: openSUSE 13.1 .

Topics%20covered

Topics Covered

security advisory security issue update important Java openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here