Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in OpenJDK7
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in OpenJDK7
ID: openSUSE-SU-2016:2058-1
Distribution: SUSE
Plattformen: SUSE openSUSE 13.1
Datum: Fr, 12. August 2016, 14:05
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3610

Originalnachricht

   openSUSE Security Update: Security update for OpenJDK7
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:2058-1
Rating: important
References: #988651 #989722 #989723 #989725 #989727 #989728
#989729 #989730 #989731 #989732 #989733 #989734

Cross-References: CVE-2016-3458 CVE-2016-3485 CVE-2016-3498
CVE-2016-3500 CVE-2016-3503 CVE-2016-3508
CVE-2016-3511 CVE-2016-3550 CVE-2016-3598
CVE-2016-3606 CVE-2016-3610
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that solves 11 vulnerabilities and has one errata
is now available.

Description:

Update to 2.6.7 - OpenJDK 7u111
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8147771: Construction of static protection domains under Javax
custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8155981, CVE-2016-3606: Bolster bytecode verification (bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing (bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch 2016-982=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

java-1_7_0-openjdk-1.7.0.111-24.39.1
java-1_7_0-openjdk-accessibility-1.7.0.111-24.39.1
java-1_7_0-openjdk-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-debugsource-1.7.0.111-24.39.1
java-1_7_0-openjdk-demo-1.7.0.111-24.39.1
java-1_7_0-openjdk-demo-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-devel-1.7.0.111-24.39.1
java-1_7_0-openjdk-devel-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-headless-1.7.0.111-24.39.1
java-1_7_0-openjdk-headless-debuginfo-1.7.0.111-24.39.1
java-1_7_0-openjdk-src-1.7.0.111-24.39.1

- openSUSE 13.1 (noarch):

java-1_7_0-openjdk-javadoc-1.7.0.111-24.39.1


References:

https://www.suse.com/security/cve/CVE-2016-3458.html
https://www.suse.com/security/cve/CVE-2016-3485.html
https://www.suse.com/security/cve/CVE-2016-3498.html
https://www.suse.com/security/cve/CVE-2016-3500.html
https://www.suse.com/security/cve/CVE-2016-3503.html
https://www.suse.com/security/cve/CVE-2016-3508.html
https://www.suse.com/security/cve/CVE-2016-3511.html
https://www.suse.com/security/cve/CVE-2016-3550.html
https://www.suse.com/security/cve/CVE-2016-3598.html
https://www.suse.com/security/cve/CVE-2016-3606.html
https://www.suse.com/security/cve/CVE-2016-3610.html
https://bugzilla.suse.com/988651
https://bugzilla.suse.com/989722
https://bugzilla.suse.com/989723
https://bugzilla.suse.com/989725
https://bugzilla.suse.com/989727
https://bugzilla.suse.com/989728
https://bugzilla.suse.com/989729
https://bugzilla.suse.com/989730
https://bugzilla.suse.com/989731
https://bugzilla.suse.com/989732
https://bugzilla.suse.com/989733
https://bugzilla.suse.com/989734

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung