SUSE: 2016:0433-1 Important: Java 1.7.0 Security Update

suse

February 11, 2016

An update that fixes 11 vulnerabilities is now available

Summary

This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937): - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials - CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information

Topics Covered

security advisory security issue important application update SUSE Java patch instruction

References

#960402 #963937

Cross- CVE-2015-5041 CVE-2015-7575 CVE-2015-7981

CVE-2015-8126 CVE-2015-8472 CVE-2015-8540

CVE-2016-0402 CVE-2016-0448 CVE-2016-0466

CVE-2016-0483 CVE-2016-0494

Affected Products:

SUSE Linux Enterprise Server 11-SP2-LTSS

https://www.suse.com/security/cve/CVE-2015-5041.html

https://www.suse.com/security/cve/CVE-2015-7575.html

https://www.suse.com/security/cve/CVE-2015-7981.html

https://www.suse.com/security/cve/CVE-2015-8126.html

https://www.suse.com/security/cve/CVE-2015-8472.html

https://www.suse.com/security/cve/CVE-2015-8540.html

https://www.suse.com/security/cve/CVE-2016-0402.html

https://www.suse.com/security/cve/CVE-2016-0448.html

https://www.suse.com/security/cve/CVE-2016-0466.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2016:0433-1

Rating: important

Topics Covered

security advisory security issue important application update SUSE Java patch instruction

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:0433-1 Important: Java 1.7.0 Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:0433-1 Important: Java 1.7.0 Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!