openSUSE Security Update: Security update for java-1_7_0-openjdk
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:0513-1
Rating:             important
References:         #1020905 
Cross-References:   CVE-2016-2183 CVE-2016-5546 CVE-2016-5547
                    CVE-2016-5548 CVE-2016-5549 CVE-2016-5552
                    CVE-2017-3231 CVE-2017-3241 CVE-2017-3252
                    CVE-2017-3253 CVE-2017-3259 CVE-2017-3260
                    CVE-2017-3261 CVE-2017-3272 CVE-2017-3289
                   
Affected Products:
                    openSUSE Leap 42.2
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that fixes 15 vulnerabilities is now available.

Description:

   This update for java-1_7_0-openjdk fixes the following issues:

   - Oracle Critical Patch Update of January 2017 to OpenJDK 7u131
     (bsc#1020905):
     * Security Fixes
       - S8138725: Add options for Javadoc generation
       - S8140353: Improve signature checking
       - S8151934, CVE-2017-3231: Resolve class resolution
       - S8156804, CVE-2017-3241: Better constraint checking
       - S8158406: Limited Parameter Processing
       - S8158997: JNDI Protocols Switch
       - S8159507: RuntimeVisibleAnnotation validation
       - S8161218: Better bytecode loading
       - S8161743, CVE-2017-3252: Provide proper login context
       - S8162577: Standardize logging levels
       - S8162973: Better component components
       - S8164143, CVE-2017-3260: Improve components for menu items
       - S8164147, CVE-2017-3261: Improve streaming socket output
       - S8165071, CVE-2016-2183: Expand TLS support
       - S8165344, CVE-2017-3272: Update concurrency support
       - S8166988, CVE-2017-3253: Improve image processing performance
       - S8167104, CVE-2017-3289: Additional class construction refinements
       - S8167223, CVE-2016-5552: URL handling improvements
       - S8168705, CVE-2016-5547: Better ObjectIdentifier validation
       - S8168714, CVE-2016-5546: Tighten ECDSA validation
       - S8168728, CVE-2016-5548: DSA signing improvments
       - S8168724, CVE-2016-5549: ECDSA signing improvments
       - S6253144: Long narrowing conversion should describe the algorithm
         used and implied "risks"
       - S6328537: Improve javadocs for Socket class by adding references to
         SocketOptions
       - S6978886: javadoc shows stacktrace after print error resulting from
         disk full
       - S6995421: Eliminate the static dependency to
         sun.security.ec.ECKeyFactory
       - S6996372: synchronizing handshaking hash
       - S7027045: (doc) java/awt/Window.java has several typos in javadoc
       - S7054969: Null-check-in-finally pattern in java/security
         documentation
       - S7072353: JNDI libraries do not build with javac -Xlint:all -Werror
       - S7075563: Broken link in "javax.swing.SwingWorker"
       - S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11
       - S7088502: Security libraries don't build with javac -Werror
       - S7092447: Clarify the default locale used in each locale sensitive
         operation
       - S7093640: Enable client-side TLS 1.2 by default
       - S7103570: AtomicIntegerFieldUpdater does not work when
         SecurityManager is installed
       - S7117360: Warnings in java.util.concurrent.atomic package
       - S7117465: Warning cleanup for IMF classes
       - S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an
         error
       - S8000418: javadoc should used a standard "generated by javadoc"
         string
       - S8000666: javadoc should write directly to Writer instead of
         composing strings
       - S8000673: remove dead code from HtmlWriter and subtypes
       - S8000970: break out auxiliary classes that will prevent multi-core
         compilation of the JDK
       - S8001669: javadoc internal DocletAbortException should set cause
         when appropriate
       - S8008949: javadoc stopped copying doc-files
       - S8011402: Move blacklisting certificate logic from hard code to data
       - S8011547: Update XML Signature implementation to Apache Santuario
         1.5.4
       - S8012288: XML DSig API allows wrong tag names and extra elements in
         SignedInfo
       - S8016217: More javadoc warnings
       - S8017325: Cleanup of the javadoc  tag in java.security.cert
       - S8017326: Cleanup of the javadoc  tag in java.security.spec
       - S8019772: Fix doclint issues in javax.crypto and javax.security
         subpackages
       - S8020557: javadoc cleanup in javax.security
       - S8020688: Broken links in documentation at
         https://docs.oracle.com/en/java/javase/21/.
       - S8021108: Clean up doclint warnings and errors in java.text package
       - S8021417: Fix doclint issues in java.util.concurrent
       - S8021833: javadoc cleanup in java.net
       - S8022120: JCK test
         api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
       - S8022175: Fix doclint warnings in javax.print
       - S8022406: Fix doclint issues in java.beans
       - S8022746: List of spelling errors in API doc
       - S8024779: [macosx] SwingNode crashes on exit
       - S8025085: [javadoc] some errors in javax/swing
       - S8025218: [javadoc] some errors in java/awt classes
       - S8025249: [javadoc] fix some javadoc errors in javax/swing/
       - S8025409: Fix javadoc comments errors and warning reported by
         doclint report
       - S8026021: more fix of javadoc errors and warnings reported by
         doclint, see the description
       - S8037099: [macosx] Remove all references to GC from native OBJ-C code
       - S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID
         attribute value is empty String
       - S8038349: Signing XML with DSA throws Exception when key is larger
         than 1024 bits
       - S8049244: XML Signature performance issue caused by unbuffered
         signature data
       - S8049432: New tests for TLS property jdk.tls.client.protocols
       - S8050893: (smartcardio) Invert reset argument in tests in
         sun/security/smartcardio
       - S8059212: Modify regression tests so that they do not just fail if
         no cardreader found
       - S8068279: (typo in the spec)
         javax.script.ScriptEngineFactory.getLanguageName
       - S8068491: Update the protocol for references of docs.oracle.com to
         HTTPS.
       - S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be
         updated for JDK-8061210
       - S8076369: Introduce the jdk.tls.client.protocols system property for
         JDK 7u
       - S8139565: Restrict certificates with DSA keys less than 1024 bits
       - S8140422: Add mechanism to allow non default root CAs to be not
         subject to algorithm restrictions
       - S8140587: Atomic*FieldUpdaters should use Class.isInstance instead
         of direct class check
       - S8143959: Certificates requiring blacklisting
       - S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
       - S8148516: Improve the default strength of EC in JDK
       - S8149029: Secure validation of XML based digital signature always
         enabled when checking wrapping attacks
       - S8151893: Add security property to configure XML Signature secure
         validation mode
       - S8155760: Implement Serialization Filtering
       - S8156802: Better constraint checking
       - S8161228: URL objects with custom protocol handlers have port
         changed after deserializing
       - S8161571: Verifying ECDSA signatures permits trailing bytes
       - S8163304: jarsigner -verbose -verify should print the algorithms
         used to sign the jar
       - S8164908: ReflectionFactory support for IIOP and custom serialization
       - S8165230: RMIConnection addNotificationListeners failing with
         specific inputs
       - S8166393: disabledAlgorithms property should not be strictly parsed
       - S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12
         Sierra is very fast (Trackpad, Retina only)
       - S8166739: Improve extensibility of ObjectInputFilter information
         passed to the filter
       - S8166875: (tz) Support tzdata2016g
       - S8166878: Connection reset during TLS handshake
       - S8167356: Follow up fix for jdk8 backport of 8164143. Changes for
         CMenuComponent.m were missed
       - S8167459: Add debug output for indicating if a chosen ciphersuite
         was legacy
       - S8167472: Chrome interop regression with JDK-8148516
       - S8167591: Add MD5 to signed JAR restrictions
       - S8168861: AnchorCertificates uses hardcoded password for cacerts
         keystore
       - S8168993: JDK8u121 L10n resource file update
       - S8169191: (tz) Support tzdata2016i
       - S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for
         January CPU
       - S8169911: Enhanced tests for jarsigner -verbose -verify after
         JDK-8163304
       - S8170131: Certificates not being blocked by
         jdk.tls.disabledAlgorithms property
       - S8170268: 8u121 L10n resource file update - msgdrop 20
       - S8173622: Backport of 7180907 is incomplete
       - S8173849: Fix use of java.util.Base64 in test cases
       - S8173854: [TEST] Update DHEKeySizing test case following 8076328 &
         8081760
       - CVE-2017-3259 Vulnerability allows unauthenticated attacker with
         network access via multiple protocols to compromise Java SE.
     * Backports
       - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on
         __APPLE__and _LLP64 systems.
       - S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned
       - S8153711, PR3315, RH1284948: [REDO] GlobalRefs never deleted when
         processing invokeMethod command
       - S8170888, PR3316, RH1390708: [linux] support for cgroup memory
         limits in container (ie Docker) environments
     * Bug fixes
       - PR3318: Replace 'infinality' with 'improved font rendering'
         (--enable-improved-font-rendering)
       - PR3318: Fix compatibility with vanilla Fontconfig
       - PR3318: Fix glyph y advance
       - PR3318: Always round glyph advance in 26.6 space
       - PR3318: Simplify glyph advance handling
       - PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh
         broken by PR1989
     * AArch64 port
       - S8165673, PR3320: AArch64: Fix JNI floating point argument handling

   This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2017-278=1

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2017-278=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.2 (i586 x86_64):

      java-1_7_0-openjdk-1.7.0.131-40.1
      java-1_7_0-openjdk-accessibility-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-debugsource-1.7.0.131-40.1
      java-1_7_0-openjdk-demo-1.7.0.131-40.1
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-devel-1.7.0.131-40.1
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-headless-1.7.0.131-40.1
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-src-1.7.0.131-40.1

   - openSUSE Leap 42.2 (noarch):

      java-1_7_0-openjdk-javadoc-1.7.0.131-40.1

   - openSUSE Leap 42.1 (i586 x86_64):

      java-1_7_0-openjdk-1.7.0.131-40.1
      java-1_7_0-openjdk-accessibility-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1
      java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-debugsource-1.7.0.131-40.1
      java-1_7_0-openjdk-demo-1.7.0.131-40.1
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-devel-1.7.0.131-40.1
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-headless-1.7.0.131-40.1
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1
      java-1_7_0-openjdk-src-1.7.0.131-40.1

   - openSUSE Leap 42.1 (noarch):

      java-1_7_0-openjdk-javadoc-1.7.0.131-40.1


References:

   https://www.suse.com/security/cve/CVE-2016-2183.html
   https://www.suse.com/security/cve/CVE-2016-5546.html
   https://www.suse.com/security/cve/CVE-2016-5547.html
   https://www.suse.com/security/cve/CVE-2016-5548.html
   https://www.suse.com/security/cve/CVE-2016-5549.html
   https://www.suse.com/security/cve/CVE-2016-5552.html
   https://www.suse.com/security/cve/CVE-2017-3231.html
   https://www.suse.com/security/cve/CVE-2017-3241.html
   https://www.suse.com/security/cve/CVE-2017-3252.html
   https://www.suse.com/security/cve/CVE-2017-3253.html
   https://www.suse.com/security/cve/CVE-2017-3259.html
   https://www.suse.com/security/cve/CVE-2017-3260.html
   https://www.suse.com/security/cve/CVE-2017-3261.html
   https://www.suse.com/security/cve/CVE-2017-3272.html
   https://www.suse.com/security/cve/CVE-2017-3289.html
   https://bugzilla.suse.com/1020905

--

openSUSE: 2017:0513-1: important: java-1_7_0-openjdk

February 19, 2017
An update that fixes 15 vulnerabilities is now available.

Description

This update for java-1_7_0-openjdk fixes the following issues: - Oracle Critical Patch Update of January 2017 to OpenJDK 7u131 (bsc#1020905): * Security Fixes - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-3241: Better constraint checking - S8158406: Limited Parameter Processing - S8158997: JNDI Protocols Switch - S8159507: RuntimeVisibleAnnotation validation - S8161218: Better bytecode loading - S8161743, CVE-2017-3252: Provide proper login context - S8162577: Standardize logging levels - S8162973: Better component components - S8164143, CVE-2017-3260: Improve components for menu items - S8164147, CVE-2017-3261: Improve streaming socket output - S8165071, CVE-2016-2183: Expand TLS support - S8165344, CVE-2017-3272: Update concurrency support - S8166988, CVE-2017-3253: Improve image processing performance - S8167104, CVE-2017-3289: Additional class construction refinements - S8167223, CVE-2016-5552: URL handling improvements - S8168705, CVE-2016-5547: Better ObjectIdentifier validation - S8168714, CVE-2016-5546: Tighten ECDSA validation - S8168728, CVE-2016-5548: DSA signing improvments - S8168724, CVE-2016-5549: ECDSA signing improvments - S6253144: Long narrowing conversion should describe the algorithm used and implied "risks" - S6328537: Improve javadocs for Socket class by adding references to SocketOptions - S6978886: javadoc shows stacktrace after print error resulting from disk full - S6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory - S6996372: synchronizing handshaking hash - S7027045: (doc) java/awt/Window.java has several typos in javadoc - S7054969: Null-check-in-finally pattern in java/security documentation - S7072353: JNDI libraries do not build with javac -Xlint:all -Werror - S7075563: Broken link in "javax.swing.SwingWorker" - S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11 - S7088502: Security libraries don't build with javac -Werror - S7092447: Clarify the default locale used in each locale sensitive operation - S7093640: Enable client-side TLS 1.2 by default - S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager is installed - S7117360: Warnings in java.util.concurrent.atomic package - S7117465: Warning cleanup for IMF classes - S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an error - S8000418: javadoc should used a standard "generated by javadoc" string - S8000666: javadoc should write directly to Writer instead of composing strings - S8000673: remove dead code from HtmlWriter and subtypes - S8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK - S8001669: javadoc internal DocletAbortException should set cause when appropriate - S8008949: javadoc stopped copying doc-files - S8011402: Move blacklisting certificate logic from hard code to data - S8011547: Update XML Signature implementation to Apache Santuario 1.5.4 - S8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo - S8016217: More javadoc warnings - S8017325: Cleanup of the javadoc tag in java.security.cert - S8017326: Cleanup of the javadoc tag in java.security.spec - S8019772: Fix doclint issues in javax.crypto and javax.security subpackages - S8020557: javadoc cleanup in javax.security - S8020688: Broken links in documentation at https://docs.oracle.com/en/java/javase/21/. - S8021108: Clean up doclint warnings and errors in java.text package - S8021417: Fix doclint issues in java.util.concurrent - S8021833: javadoc cleanup in java.net - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails - S8022175: Fix doclint warnings in javax.print - S8022406: Fix doclint issues in java.beans - S8022746: List of spelling errors in API doc - S8024779: [macosx] SwingNode crashes on exit - S8025085: [javadoc] some errors in javax/swing - S8025218: [javadoc] some errors in java/awt classes - S8025249: [javadoc] fix some javadoc errors in javax/swing/ - S8025409: Fix javadoc comments errors and warning reported by doclint report - S8026021: more fix of javadoc errors and warnings reported by doclint, see the description - S8037099: [macosx] Remove all references to GC from native OBJ-C code - S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String - S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits - S8049244: XML Signature performance issue caused by unbuffered signature data - S8049432: New tests for TLS property jdk.tls.client.protocols - S8050893: (smartcardio) Invert reset argument in tests in sun/security/smartcardio - S8059212: Modify regression tests so that they do not just fail if no cardreader found - S8068279: (typo in the spec) javax.script.ScriptEngineFactory.getLanguageName - S8068491: Update the protocol for references of docs.oracle.com to HTTPS. - S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210 - S8076369: Introduce the jdk.tls.client.protocols system property for JDK 7u - S8139565: Restrict certificates with DSA keys less than 1024 bits - S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions - S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check - S8143959: Certificates requiring blacklisting - S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks - S8148516: Improve the default strength of EC in JDK - S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks - S8151893: Add security property to configure XML Signature secure validation mode - S8155760: Implement Serialization Filtering - S8156802: Better constraint checking - S8161228: URL objects with custom protocol handlers have port changed after deserializing - S8161571: Verifying ECDSA signatures permits trailing bytes - S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar - S8164908: ReflectionFactory support for IIOP and custom serialization - S8165230: RMIConnection addNotificationListeners failing with specific inputs - S8166393: disabledAlgorithms property should not be strictly parsed - S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only) - S8166739: Improve extensibility of ObjectInputFilter information passed to the filter - S8166875: (tz) Support tzdata2016g - S8166878: Connection reset during TLS handshake - S8167356: Follow up fix for jdk8 backport of 8164143. Changes for CMenuComponent.m were missed - S8167459: Add debug output for indicating if a chosen ciphersuite was legacy - S8167472: Chrome interop regression with JDK-8148516 - S8167591: Add MD5 to signed JAR restrictions - S8168861: AnchorCertificates uses hardcoded password for cacerts keystore - S8168993: JDK8u121 L10n resource file update - S8169191: (tz) Support tzdata2016i - S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU - S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304 - S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property - S8170268: 8u121 L10n resource file update - msgdrop 20 - S8173622: Backport of 7180907 is incomplete - S8173849: Fix use of java.util.Base64 in test cases - S8173854: [TEST] Update DHEKeySizing test case following 8076328 & 8081760 - CVE-2017-3259 Vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. * Backports - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on __APPLE__and _LLP64 systems. - S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned - S8153711, PR3315, RH1284948: [REDO] GlobalRefs never deleted when processing invokeMethod command - S8170888, PR3316, RH1390708: [linux] support for cgroup memory limits in container (ie Docker) environments * Bug fixes - PR3318: Replace 'infinality' with 'improved font rendering' (--enable-improved-font-rendering) - PR3318: Fix compatibility with vanilla Fontconfig - PR3318: Fix glyph y advance - PR3318: Always round glyph advance in 26.6 space - PR3318: Simplify glyph advance handling - PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh broken by PR1989 * AArch64 port - S8165673, PR3320: AArch64: Fix JNI floating point argument handling This update was imported from the SUSE:SLE-12:Update update project.

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-278=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-278=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE Leap 42.2 (i586 x86_64): java-1_7_0-openjdk-1.7.0.131-40.1 java-1_7_0-openjdk-accessibility-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-demo-1.7.0.131-40.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-devel-1.7.0.131-40.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-headless-1.7.0.131-40.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-src-1.7.0.131-40.1 - openSUSE Leap 42.2 (noarch): java-1_7_0-openjdk-javadoc-1.7.0.131-40.1 - openSUSE Leap 42.1 (i586 x86_64): java-1_7_0-openjdk-1.7.0.131-40.1 java-1_7_0-openjdk-accessibility-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-demo-1.7.0.131-40.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-devel-1.7.0.131-40.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-headless-1.7.0.131-40.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-src-1.7.0.131-40.1 - openSUSE Leap 42.1 (noarch): java-1_7_0-openjdk-javadoc-1.7.0.131-40.1


References

https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-5546.html https://www.suse.com/security/cve/CVE-2016-5547.html https://www.suse.com/security/cve/CVE-2016-5548.html https://www.suse.com/security/cve/CVE-2016-5549.html https://www.suse.com/security/cve/CVE-2016-5552.html https://www.suse.com/security/cve/CVE-2017-3231.html https://www.suse.com/security/cve/CVE-2017-3241.html https://www.suse.com/security/cve/CVE-2017-3252.html https://www.suse.com/security/cve/CVE-2017-3253.html https://www.suse.com/security/cve/CVE-2017-3259.html https://www.suse.com/security/cve/CVE-2017-3260.html https://www.suse.com/security/cve/CVE-2017-3261.html https://www.suse.com/security/cve/CVE-2017-3272.html https://www.suse.com/security/cve/CVE-2017-3289.html https://bugzilla.suse.com/1020905--


Severity
Announcement ID: openSUSE-SU-2017:0513-1
Rating: important
Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved