SUSE: 2022:14875-1 Moderate: Java 1.7.1 Excessive Memory Update

suse

January 18, 2022

An update that solves 11 vulnerabilities and has two fixes is now available

Summary

This update for java-1_7_1-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. (bsc#1194198, bsc#1192052) - CVE-2021-35586: Excessive memory allocation in BMPImageReader. (bsc#1191914) - CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. (bsc#1191913) - CVE-2021-35559: Excessive memory allocation in RTFReader. (bsc#1191911) - CVE-2021-35556: Excessive memory allocation in RTFParser. (bsc#1191910) - CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. (bsc#1191909) - CVE-2021-35588: Incomplete validation of inner class references in

Topics Covered

security advisory moderate update fixes memory issue SUSE java-1_7_1-ibm

References

#1185055 #1188564 #1188565 #1188568 #1191905

#1191909 #1191910 #1191911 #1191913 #1191914

#1192052 #1194198 #1194232

Cross- CVE-2021-2163 CVE-2021-2341 CVE-2021-2369

CVE-2021-2432 CVE-2021-35556 CVE-2021-35559

CVE-2021-35564 CVE-2021-35565 CVE-2021-35586

CVE-2021-35588 CVE-2021-41035

CVSS scores:

CVE-2021-2163 (NVD) : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

CVE-2021-2163 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

CVE-2021-2341 (NVD) : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CVE-2021-2341 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CVE-2021-2369 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVE-2021-2369 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Announcement ID: SUSE-SU-2022:14875-1

Rating: moderate

Topics Covered

security advisory moderate update fixes memory issue SUSE java-1_7_1-ibm

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:14875-1 Moderate: Java 1.7.1 Excessive Memory Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:14875-1 Moderate: Java 1.7.1 Excessive Memory Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!