SUSE Linux Enterprise: 2020:14286-1 Important: Java Update Security Fixes
suse
February 20, 2020
An update that fixes four vulnerabilities is now available.
Summary
This update for java-1_7_0-ibm fixes the following issues: Java was updated to 7.0 Service Refresh 10 Fix Pack 60 [bsc#1162972, bsc#1160968]. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport (bsc#1162972). - CVE-2020-2593: Fixed an incorrect check in isBuiltinStreamHandler, causing URL normalization issues (bsc#1162972). - CVE-2020-2604: Fixed a serialization issue in jdk.serialFilter (bsc#1162972). - CVE-2020-2659: Fixed the incomplete enforcement of the maxDatagramSockets limit in DatagramChannelImpl (bsc#1162972). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
#1160968 #1162972
Cross- CVE-2020-2583 CVE-2020-2593 CVE-2020-2604
CVE-2020-2659
Affected Products:
SUSE Linux Enterprise Point of Sale 11-SP3
https://www.suse.com/security/cve/CVE-2020-2583.html
https://www.suse.com/security/cve/CVE-2020-2593.html
https://www.suse.com/security/cve/CVE-2020-2604.html
https://www.suse.com/security/cve/CVE-2020-2659.html
https://bugzilla.suse.com/1160968
https://bugzilla.suse.com/1162972
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:14286-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!