Mehrere Probleme in java-1_8_0-openjdk
ID: | SUSE-SU-2020:1569-2 |
Distribution: | SUSE |
Plattformen: | SUSE Linux Enterprise Module for Legacy Software 15-SP2 |
Datum: | Di, 14. Juli 2020, 23:57 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2800 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2757 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2830 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2805 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2756 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2781 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2755 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2803 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2754 |
Applikationen: | OpenJDK |
Originalnachricht |
|
SUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:1569-2 Rating: important References: #1160398 #1169511 #1171352 Cross-References: CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 Affected Products: SUSE Linux Enterprise Module for Legacy Software 15-SP2 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn (bsc#1169511) - CVE-2020-2755: Improve Nashorn matching (bsc#1169511) - CVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511) - CVE-2020-2757: Less Blocking Array Queues (bsc#1169511) - CVE-2020-2773: Better signatures in XML (bsc#1169511) - CVE-2020-2781: Improve TLS session handling (bsc#1169511) - CVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511) - CVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511) - CVE-2020-2805: Enhance typing of methods (bsc#1169511) - CVE-2020-2830: Better Scanner conversions (bsc#1169511) - Ignore whitespaces after the header or footer in PEM X.509 cert (bsc#1171352) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 15-SP2: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-1569=1 Package List: - SUSE Linux Enterprise Module for Legacy Software 15-SP2 (aarch64 ppc64le s390x x86_64): java-1_8_0-openjdk-1.8.0.252-3.35.3 java-1_8_0-openjdk-debuginfo-1.8.0.252-3.35.3 java-1_8_0-openjdk-debugsource-1.8.0.252-3.35.3 java-1_8_0-openjdk-demo-1.8.0.252-3.35.3 java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-3.35.3 java-1_8_0-openjdk-devel-1.8.0.252-3.35.3 java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-3.35.3 java-1_8_0-openjdk-headless-1.8.0.252-3.35.3 java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-3.35.3 References: https://www.suse.com/security/cve/CVE-2020-2754.html https://www.suse.com/security/cve/CVE-2020-2755.html https://www.suse.com/security/cve/CVE-2020-2756.html https://www.suse.com/security/cve/CVE-2020-2757.html https://www.suse.com/security/cve/CVE-2020-2773.html https://www.suse.com/security/cve/CVE-2020-2781.html https://www.suse.com/security/cve/CVE-2020-2800.html https://www.suse.com/security/cve/CVE-2020-2803.html https://www.suse.com/security/cve/CVE-2020-2805.html https://www.suse.com/security/cve/CVE-2020-2830.html https://bugzilla.suse.com/1160398 https://bugzilla.suse.com/1169511 https://bugzilla.suse.com/1171352 _______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates |