SUSE: 2018:2083-1 Important: java-10-openjdk Security Update
suse
July 27, 2018
An update that solves four vulnerabilities and has one errata is now available
Summary
This update for OpenJDK 10.0.2 fixes the following security issues: - CVE-2018-2940: the libraries sub-component contained an easily exploitable vulnerability that allowed attackers to compromise Java SE or Java SE Embedded over the network, potentially gaining unauthorized read access to data that's accessible to the server. [bsc#1101645] - CVE-2018-2952: the concurrency sub-component contained a difficult to exploit vulnerability that allowed attackers to compromise Java SE, Java SE Embedded, or JRockit over the network. This issue could have been abused to mount a partial denial-of-service attack on the server. [bsc#1101651] - CVE-2018-2972: the security sub-component contained a difficult to exploit vulnerability that allowed attackers to compromise Java SE over
Topics Covered
References
#1096420 #1101645 #1101651 #1101655 #1101656
Cross- CVE-2018-2940 CVE-2018-2952 CVE-2018-2972
CVE-2018-2973
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15
https://www.suse.com/security/cve/CVE-2018-2940.html
https://www.suse.com/security/cve/CVE-2018-2952.html
https://www.suse.com/security/cve/CVE-2018-2972.html
https://www.suse.com/security/cve/CVE-2018-2973.html
https://bugzilla.suse.com/1096420
https://bugzilla.suse.com/1101645
https://bugzilla.suse.com/1101651
https://bugzilla.suse.com/1101655
https://bugzilla.suse.com/1101656
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2018:2083-1
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!