SUSE 11 SP2 LTSS 2015:0392-1 Critical: Java Execution Issue

suse

February 27, 2015

An update that solves two vulnerabilities and has four An update that solves two vulnerabilities and has four An update that solves two vulnerabilities and has four fixes is now av...

Summary

java-1_6_0-ibm has been updated to version 1.6.0_sr16.3 to fix 30 security issues: * CVE-2014-8891: Unspecified vulnerability (bnc#916266) * CVE-2014-8892: Unspecified vulnerability (bnc#916265) * CVE-2014-3065: Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allowed local users to execute arbitrary code via vectors related to the shared classes cache (bnc#904889). * CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, used nondeterministic CBC padding, which made it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue (bnc#901223).

Topics Covered

security advisory software patch critical update SUSE system security java issue IBM Java

References

#592934 #891700 #901223 #904889 #916265 #916266

Cross- CVE-2014-8891 CVE-2014-8892

Affected Products:

SUSE Linux Enterprise Server 11 SP2 LTSS

SUSE Linux Enterprise Server 11 SP1 LTSS

https://www.suse.com/security/cve/CVE-2014-8891.html

https://www.suse.com/security/cve/CVE-2014-8892.html

https://bugzilla.suse.com/show_bug.cgi?id=592934

https://bugzilla.suse.com/show_bug.cgi?id=891700

https://bugzilla.suse.com/show_bug.cgi?id=901223

https://bugzilla.suse.com/show_bug.cgi?id=904889

https://bugzilla.suse.com/show_bug.cgi?id=916265

https://bugzilla.suse.com/show_bug.cgi?id=916266

https://scc.suse.com:443/patches/

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:0392-1

Rating: important

Topics Covered

security advisory software patch critical update SUSE system security java issue IBM Java

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 11 SP2 LTSS 2015:0392-1 Critical: Java Execution Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 11 SP2 LTSS 2015:0392-1 Critical: Java Execution Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!