Linux Security
    Linux Security
    Linux Security

    openSUSE: 2020:1191-1: important: java-11-openjdk

    Posted By
    An update that fixes 8 vulnerabilities is now available.
       openSUSE Security Update: Security update for java-11-openjdk
    Announcement ID:    openSUSE-SU-2020:1191-1
    Rating:             important
    References:         #1174157 
    Cross-References:   CVE-2020-14556 CVE-2020-14562 CVE-2020-14573
                        CVE-2020-14577 CVE-2020-14581 CVE-2020-14583
                        CVE-2020-14593 CVE-2020-14621
    Affected Products:
                        openSUSE Leap 15.2
       An update that fixes 8 vulnerabilities is now available.
       This update for java-11-openjdk fixes the following issues:
       - Update to upstream tag jdk-11.0.8+10 (July 2020 CPU, bsc#1174157)
         * Security fixes:
           + JDK-8230613: Better ASCII conversions
           + JDK-8231800: Better listing of arrays
           + JDK-8232014: Expand DTD support
           + JDK-8233234: Better Zip Naming
           + JDK-8233239, CVE-2020-14562: Enhance TIFF support
           + JDK-8233255: Better Swing Buttons
           + JDK-8234032: Improve basic calendar services
           + JDK-8234042: Better factory production of certificates
           + JDK-8234418: Better parsing with CertificateFactory
           + JDK-8234836: Improve serialization handling
           + JDK-8236191: Enhance OID processing
           + JDK-8236867, CVE-2020-14573: Enhance Graal interface handling
           + JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
           + JDK-8237592, CVE-2020-14577: Enhance certificate verification
           + JDK-8238002, CVE-2020-14581: Better matrix operations
           + JDK-8238013: Enhance String writing
           + JDK-8238804: Enhance key handling process
           + JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
           + JDK-8238843: Enhanced font handing
           + JDK-8238920, CVE-2020-14583: Better Buffer support
           + JDK-8238925: Enhance WAV file playback
           + JDK-8240119, CVE-2020-14593: Less Affine Transformations
           + JDK-8240482: Improved WAV file playback
           + JDK-8241379: Update JCEKS support
           + JDK-8241522: Manifest improved jar headers redux
           + JDK-8242136, CVE-2020-14621: Better XML namespace handling
         * Other changes:
           + JDK-6933331: (d3d/ogl) java.lang.IllegalStateException: Buffers have
             not been created
           + JDK-7124307: JSpinner and changing value by mouse
           + JDK-8022574: remove HaltNode code after uncommon trap calls
           + JDK-8039082: [TEST_BUG] Test
             java/awt/dnd/BadSerializationTest/ fails
           + JDK-8040630: Popup menus and tooltips flicker with previous popup
             contents when first shown
           + JDK-8044365: (dc) failing with ENOMEM
             when joining group (OS X 10.9)
           + JDK-8048215: [TESTBUG]
             Expected non-null LockInfo
           + JDK-8051349: nsk/jvmti/scenarios/sampling/SP06/sp06t003 fails in
           + JDK-8080353: JShell: Better error message on attempting to add
             default method
           + JDK-8139876: Exclude hanging nsk/stress/stack from execution with
             deoptimization enabled
           + JDK-8146090: java/lang/ref/ fails with
           + JDK-8153430: jdk regression test MletParserLocaleTest,
             ParserInfiniteLoopTest reduce default timeout
           + JDK-8156207: Resource allocated BitMaps are often cleared
           + JDK-8159740: JShell: corralled declarations do not have correct
             source to wrapper mapping
           + JDK-8175984: ICC_Profile has un-needed, not-empty finalize method
           + JDK-8176359: Frame#setMaximizedbounds not working properly in multi
             screen environments
           + JDK-8183369: RFC unconformity of HttpURLConnection with proxy
           + JDK-8187078: -XX:+VerifyOops finds numerous problems when running
           + JDK-8189861: Refactor CacheFind
           + JDK-8191169: java/net/Authenticator/ failed
           + JDK-8191930: [Graal] emits unparseable XML into compile log
           + JDK-8193879: Java debugger hangs on method invocation
           + JDK-8196019: java/awt/Window/Grab/ fails on Windows
           + JDK-8196181: sun/java2d/GdiRendering/ fails
           + JDK-8198000:
             java/awt/List/EmptyListEventTest/ debug
             assert on Windows
           + JDK-8198001: java/awt/Menu/WrongParentAfterRemoveMenu/
             / debug assert on Windows
           + JDK-8198339: Test javax/swing/border/ is unstable
           + JDK-8200701: jdk/jshell/ fails on Windows, after
           + JDK-8203264: JNI exception pending in PlainDatagramSocketImpl.c:740
           + JDK-8203672: JNI exception pending in PlainSocketImpl.c
           + JDK-8203673: JNI exception pending in
           + JDK-8204834: Fix confusing "allocate" naming in OopStorage
           + JDK-8205399: Set node color on pinned HashMap.TreeNode deletion
           + JDK-8205653: test/jdk/sun/management/jmxremote/bootstrap/
             / and fail with
           + JDK-8206179: com/sun/management/OperatingSystemMXBean/
             / fails with Committed virtual
             memory size illegal value
           + JDK-8207334: VM times out in VM_HandshakeAllThreads::doit() with
           + JDK-8208277: Code cache heap (-XX:ReservedCodeCacheSize) doesn't
             work with 1GB LargePages
       This update was imported from the SUSE:SLE-15:Update update project.
    Patch Instructions:
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
       Alternatively you can run the command listed for your product:
       - openSUSE Leap 15.2:
          zypper in -t patch openSUSE-2020-1191=1
    Package List:
       - openSUSE Leap 15.2 (i586 x86_64):
       - openSUSE Leap 15.2 (noarch):


    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.