File _patchinfo of Package patchinfo.10530

<patchinfo incident="10530">
  <issue tracker="bnc" id="1128158">VUL-0: CVE-2018-1890: java-1_8_0-ibm,java-1_7_0-ibm: local privilege escalation via insecure RPATHs</issue>
  <issue tracker="bnc" id="1122299">VUL-1: CVE-2018-11212: libjpeg-turbo,libjpeg62-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c</issue>
  <issue tracker="bnc" id="1122292">VUL-0: CVE-2019-2449: java-1_8_0-openjdk: Remote attackers may delete arbitrary files</issue>
  <issue tracker="bnc" id="1122293">VUL-0: CVE-2019-2422: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: memory disclosure in FileChannelImpl</issue>
  <issue tracker="cve" id="2018-1890"/>
  <issue tracker="cve" id="2019-2422"/>
  <issue tracker="cve" id="2018-11212"/>
  <issue tracker="cve" id="2019-2449"/>
  <description>This update for java-1_8_0-ibm to version fixes the following issues:

Security issues fixed: 	  

- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2018-1890: Fixed a local privilege escalation via RPATHs (bsc#1128158).
- CVE-2019-2449: Fixed a vulnerabilit which could allow remote atackers to delete arbitrary files (bsc#1122292). 

More information:
  <summary>Security update for java-1_8_0-ibm</summary>
openSUSE Build Service is sponsored by