Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

SUSE: 2019:2036-2 Important: java-1_8_0-openjdk Security Update

suse
Calendar Grey August 16, 2019
Dist Suse Esm H88
Critical security patch for java-1_8_0-openjdk resolves various vulnerabilities affecting SUSE Enterprise Storage.
An update that solves 8 vulnerabilities and has one errata is now available

Summary

This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation (bsc#1141784). - CVE-2019-2762: Exceptional throw cases (bsc#1141782). - CVE-2019-2766: Improve file protocol handling (bsc#1141789). - CVE-2019-2769: Better copies of CopiesList (bsc#1141783). - CVE-2019-2786: More limited privilege usage (bsc#1141787). - CVE-2019-2816: Normalize normalization (bsc#1141785). - CVE-2019-2842: Extended AES support (bsc#1141786). - CVE-2019-7317: Improve PNG support (bsc#1141780). - Certificate validation improvements Non-security issue fixed: - Fixed an issue where the installation failed when the manpages are not present (bsc#1115375) Patch Instructions:

References

#1115375 #1141780 #1141782 #1141783 #1141784

#1141785 #1141786 #1141787 #1141789

Cross- CVE-2019-2745 CVE-2019-2762 CVE-2019-2766

CVE-2019-2769 CVE-2019-2786 CVE-2019-2816

CVE-2019-2842 CVE-2019-7317

Affected Products:

SUSE Enterprise Storage 5

https://www.suse.com/security/cve/CVE-2019-2745.html

https://www.suse.com/security/cve/CVE-2019-2762.html

https://www.suse.com/security/cve/CVE-2019-2766.html

https://www.suse.com/security/cve/CVE-2019-2769.html

https://www.suse.com/security/cve/CVE-2019-2786.html

https://www.suse.com/security/cve/CVE-2019-2816.html

https://www.suse.com/security/cve/CVE-2019-2842.html

https://www.suse.com/security/cve/CVE-2019-7317.html

https://bugzilla.suse.com/1115375

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:2036-2
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.