Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2022:0871-1 Important: Java-1_8_0-OpenJDK Critical Update

suse
Calendar Grey March 16, 2022
Dist Suse Esm H88
SUSE Security Advisory regarding python3-3.8 covers serious vulnerabilities and implements essential patches to bolster system protection.
An update that solves 13 vulnerabilities and has three fixes is now available

Summary

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 (icedtea-3.22.0) Including the following security fixes: - CVE-2022-21248, bsc#1194926: Enhance cross VM serialization - CVE-2022-21283, bsc#1194937: Better String matching - CVE-2022-21293, bsc#1194935: Improve String constructions - CVE-2022-21294, bsc#1194934: Enhance construction of Identity maps - CVE-2022-21282, bsc#1194933: Better resolution of URIs - CVE-2022-21296, bsc#1194932: Improve SAX Parser configuration management - CVE-2022-21299, bsc#1194931: Improved scanning of XML entities - CVE-2022-21305, bsc#1194939: Better array indexing - CVE-2022-21340, bsc#1194940: Verify Jar Verification - CVE-2022-21341, bsc#1194941: Improve serial forms for transport

Topics%20covered

Topics Covered

security advisory security update critical important SUSE Java openjdk

References

#1193314 #1193444 #1193491 #1194926 #1194928

#1194929 #1194931 #1194932 #1194933 #1194934

#1194935 #1194937 #1194939 #1194940 #1194941

#1195163

Cross- CVE-2022-21248 CVE-2022-21282 CVE-2022-21283

CVE-2022-21293 CVE-2022-21294 CVE-2022-21296

CVE-2022-21299 CVE-2022-21305 CVE-2022-21340

CVE-2022-21341 CVE-2022-21349 CVE-2022-21360

CVE-2022-21365

CVSS scores:

CVE-2022-21248 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21248 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21282 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2022-21282 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2022-21283 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:0871-1
Rating: important

Topics%20covered

Topics Covered

security advisory security update critical important SUSE Java openjdk

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here