Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

openSUSE: 2020:0757-1 Important Security Update for Java-11-Openjdk

opensuse
Calendar Grey June 2, 2020
Dist Opensuse Esm H88
This software patch addresses 15 critical vulnerabilities in the java-11-openjdk package. Implement these updates to strengthen your system's defenses.
An update that fixes 13 vulnerabilities is now available.

Description

This update for java-11-openjdk fixes the following issues:

Java was updated to jdk-11.0.7+10 (April 2020 CPU, bsc#1169511).

Security issues fixed:

- CVE-2020-2754: Fixed an incorrect handling of regular expressions that

could have resulted in denial of service (bsc#1169511).

- CVE-2020-2755: Fixed an incorrect handling of regular expressions that

could have resulted in denial of service (bsc#1169511).

- CVE-2020-2756: Fixed an incorrect handling of regular expressions that

could have resulted in denial of service (bsc#1169511).

- CVE-2020-2757: Fixed an object deserialization issue that could have

resulted in denial of service via crafted serialized input (bsc#1169511).

- CVE-2020-2767: Fixed an incorrect handling of certificate messages

during TLS handshakes (bsc#1169511).

- CVE-2020-2773: Fixed the incorrect handling of exceptions thrown by

unmarshalKeyInfo() and unmarshalXMLSignature() (bsc#1169511).

- CVE-2020-2778:...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service security update software fix important update openSUSE java-11-openjdk

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-757=1

Package List

- openSUSE Leap 15.1 (i586 x86_64):

java-11-openjdk-11.0.7.0-lp151.3.16.1

java-11-openjdk-accessibility-11.0.7.0-lp151.3.16.1

java-11-openjdk-accessibility-debuginfo-11.0.7.0-lp151.3.16.1

java-11-openjdk-debuginfo-11.0.7.0-lp151.3.16.1

java-11-openjdk-debugsource-11.0.7.0-lp151.3.16.1

java-11-openjdk-demo-11.0.7.0-lp151.3.16.1

java-11-openjdk-devel-11.0.7.0-lp151.3.16.1

java-11-openjdk-headless-11.0.7.0-lp151.3.16.1

java-11-openjdk-jmods-11.0.7.0-lp151.3.16.1

java-11-openjdk-src-11.0.7.0-lp151.3.16.1

- openSUSE Leap 15.1 (noarch):

java-11-openjdk-javadoc-11.0.7.0-lp151.3.16.1

References

https://www.suse.com/security/cve/CVE-2020-2754.html

https://www.suse.com/security/cve/CVE-2020-2755.html

https://www.suse.com/security/cve/CVE-2020-2756.html

https://www.suse.com/security/cve/CVE-2020-2757.html

https://www.suse.com/security/cve/CVE-2020-2767.html

https://www.suse.com/security/cve/CVE-2020-2773.html

https://www.suse.com/security/cve/CVE-2020-2778.html

https://www.suse.com/security/cve/CVE-2020-2781.html

https://www.suse.com/security/cve/CVE-2020-2800.html

https://www.suse.com/security/cve/CVE-2020-2803.html

https://www.suse.com/security/cve/CVE-2020-2805.html

https://www.suse.com/security/cve/CVE-2020-2816.html

https://www.suse.com/security/cve/CVE-2020-2830.html

https://bugzilla.suse.com/1167462

https://bugzilla.suse.com/1169511

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2020:0757-1
Rating: important
Affected Products: openSUSE Leap 15.1

Topics%20covered

Topics Covered

security advisory denial of service security update software fix important update openSUSE java-11-openjdk

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here