Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

SUSE: 2017:2989-1 Important: Java OpenJDK Critical Patch

suse
Calendar Grey November 10, 2017
Dist Suse Esm H88
This critical openSUSE security patch addresses various vulnerabilities in java-1_8_0-openjdk. Review the required updates for your system.
An update that fixes 19 vulnerabilities is now available

Summary

This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u151 (icedtea 3.6.0) Security issues fixed: - CVE-2017-10274: Handle smartcard clean up better (bsc#1064071) - CVE-2017-10281: Better queuing priorities (bsc#1064072) - CVE-2017-10285: Unreferenced references (bsc#1064073) - CVE-2017-10295: Better URL connections (bsc#1064075) - CVE-2017-10388: Correct Kerberos ticket grants (bsc#1064086) - CVE-2017-10346: Better invokespecial checks (bsc#1064078) - CVE-2017-10350: Better Base Exceptions (bsc#1064082) - CVE-2017-10347: Better timezone processing (bsc#1064079) - CVE-2017-10349: Better X processing (bsc#1064081) - CVE-2017-10345: Better keystore handling (bsc#1064077) - CVE-2017-10348: Better processing of unresolved permissions (bsc#1064080)

References

#1032647 #1052009 #1064069 #1064070 #1064071

#1064072 #1064073 #1064075 #1064077 #1064078

#1064079 #1064080 #1064081 #1064082 #1064083

#1064084 #1064085 #1064086

Cross- CVE-2016-10165 CVE-2016-9840 CVE-2016-9841

CVE-2016-9842 CVE-2016-9843 CVE-2017-10274

CVE-2017-10281 CVE-2017-10285 CVE-2017-10295

CVE-2017-10345 CVE-2017-10346 CVE-2017-10347

CVE-2017-10348 CVE-2017-10349 CVE-2017-10350

CVE-2017-10355 CVE-2017-10356 CVE-2017-10357

CVE-2017-10388

Affected Products:

SUSE OpenStack Cloud 6

SUSE Linux Enterprise Server for SAP 12-SP1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Server 12-SP1-LTSS

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:2989-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.