File _patchinfo of Package patchinfo.18265

<patchinfo incident="18265">
  <issue tracker="bnc" id="1182186">VUL-0: CVE-2020-27221: java-1_7_0-ibm,java-1_7_1-ibm,java-1_8_0-ibm: Stack-based buffer overflow when converting from UTF-8 characters to platform encoding (Update to IBM Security Update February 2021)</issue>
  <issue tracker="bnc" id="1181239">VUL-0: CVE-2020-14803: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Oracle January 2021 CPU</issue>
  <issue tracker="cve" id="2020-14803"/>
  <issue tracker="cve" id="2020-27221"/>
  <summary>Security update for java-1_8_0-ibm</summary>
  <description>This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 6 Fix Pack 25
  [bsc#1182186, bsc#1181239, CVE-2020-27221, CVE-2020-14803]
  * CVE-2020-27221: Potential for a stack-based buffer overflow
    when the virtual machine or JNI natives are converting from
    UTF-8 characters to platform encoding.
  * CVE-2020-14803: Unauthenticated attacker with network access
    via multiple protocols allows to compromise Java SE.
openSUSE Build Service is sponsored by