Alerts This Week
Warning Icon 1 924
Alerts This Week
Warning Icon 1 924

openSUSE Leap 15.2: 2021:0719-1 Critical: java-11-openjdk Error Issue

opensuse
Calendar Grey May 13, 2021
Dist Opensuse Esm H88
openSUSE: Crucial security upgrade for python3 addressing several vulnerabilities with update instructions provided.
An update that solves two vulnerabilities and has one errata is now available

Description

This update for java-11-openjdk fixes the following issues:

- Update to upstream tag jdk-11.0.11+9 (April 2021 CPU)

* CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled

algorithms (bsc#1185055)

* CVE-2021-2161: Fixed incorrect handling of partially quoted arguments

in ProcessBuilder (bsc#1185056)

- moved mozilla-nss dependency to java-11-openjdk-headless package, this

is necessary to be able to do crypto with just java-11-openjdk-headless

installed (bsc#1184606).

This update was imported from the SUSE:SLE-15:Update update project.

Topics%20covered

Topics Covered

security advisory important security patch installation instructions openSUSE java-11-openjdk incomplete enforcement incorrect handling

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-719=1

Package List

- openSUSE Leap 15.2 (i586 x86_64):

java-11-openjdk-11.0.11.0-lp152.2.12.1

java-11-openjdk-accessibility-11.0.11.0-lp152.2.12.1

java-11-openjdk-accessibility-debuginfo-11.0.11.0-lp152.2.12.1

java-11-openjdk-debuginfo-11.0.11.0-lp152.2.12.1

java-11-openjdk-debugsource-11.0.11.0-lp152.2.12.1

java-11-openjdk-demo-11.0.11.0-lp152.2.12.1

java-11-openjdk-devel-11.0.11.0-lp152.2.12.1

java-11-openjdk-headless-11.0.11.0-lp152.2.12.1

java-11-openjdk-jmods-11.0.11.0-lp152.2.12.1

java-11-openjdk-src-11.0.11.0-lp152.2.12.1

- openSUSE Leap 15.2 (noarch):

java-11-openjdk-javadoc-11.0.11.0-lp152.2.12.1

References

https://www.suse.com/security/cve/CVE-2021-2161.html

https://www.suse.com/security/cve/CVE-2021-2163.html

https://bugzilla.suse.com/1184606

https://bugzilla.suse.com/1185055

https://bugzilla.suse.com/1185056

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2021:0719-1
Rating: important
Affected Products: openSUSE Leap 15.2 ble.

Topics%20covered

Topics Covered

security advisory important security patch installation instructions openSUSE java-11-openjdk incomplete enforcement incorrect handling

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here