SuSE: 2015:1073-1: important:
Summary
This update fixes the following security issues: - Version bump to 7.1-3.0 release bnc#930365 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 - Fix removeing links before update-alternatives run. bnc#931702 - Fix bnc#912434, javaws/plugin stuff should slave plugin update-alternatives - Fix bnc#912447, use system cacerts - Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265 CVE-2014-8892 CVE-2014-8891 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-270=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-270=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr3.0-11.1 java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1 - SUSE Linux Enterprise Server 12 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1 java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1
References
#912434 #912447 #930365 #931693 #931702
Cross- CVE-2015-0138 CVE-2015-0192 CVE-2015-1914
CVE-2015-2808
Affected Products:
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
https://www.suse.com/security/cve/CVE-2015-0138.html
https://www.suse.com/security/cve/CVE-2015-0192.html
https://www.suse.com/security/cve/CVE-2015-1914.html
https://www.suse.com/security/cve/CVE-2015-2808.html
https://bugzilla.suse.com/912434
https://bugzilla.suse.com/912447
https://bugzilla.suse.com/930365
https://bugzilla.suse.com/931693
https://bugzilla.suse.com/931702