Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2022:0873-2 Critical: OpenJDK Security Updates Released

suse
Calendar Grey March 16, 2022
Dist Suse Esm H88
Debian Security Patch addresses severe vulnerabilities in python3, boosting overall security measures and operational efficiency.
An update that solves 13 vulnerabilities and has three fixes is now available

Summary

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 (icedtea-3.22.0) Including the following security fixes: - CVE-2022-21248, bsc#1194926: Enhance cross VM serialization - CVE-2022-21283, bsc#1194937: Better String matching - CVE-2022-21293, bsc#1194935: Improve String constructions - CVE-2022-21294, bsc#1194934: Enhance construction of Identity maps - CVE-2022-21282, bsc#1194933: Better resolution of URIs - CVE-2022-21296, bsc#1194932: Improve SAX Parser configuration management - CVE-2022-21299, bsc#1194931: Improved scanning of XML entities - CVE-2022-21305, bsc#1194939: Better array indexing - CVE-2022-21340, bsc#1194940: Verify Jar Verification - CVE-2022-21341, bsc#1194941: Improve serial forms for transport

Topics%20covered

Topics Covered

security advisory software patch SUSE system fix important update Java OpenJDK

References

#1193314 #1193444 #1193491 #1194926 #1194928

#1194929 #1194931 #1194932 #1194933 #1194934

#1194935 #1194937 #1194939 #1194940 #1194941

#1195163

Cross- CVE-2022-21248 CVE-2022-21282 CVE-2022-21283

CVE-2022-21293 CVE-2022-21294 CVE-2022-21296

CVE-2022-21299 CVE-2022-21305 CVE-2022-21340

CVE-2022-21341 CVE-2022-21349 CVE-2022-21360

CVE-2022-21365

CVSS scores:

CVE-2022-21248 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21248 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21282 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2022-21282 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2022-21283 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:0873-1
Rating: important

Topics%20covered

Topics Covered

security advisory software patch SUSE system fix important update Java OpenJDK

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here