File _patchinfo of Package patchinfo.9896

<patchinfo incident="9896">
  <issue tracker="bnc" id="1112148">VUL-0: CVE-2018-3183: java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Scripting</issue>
  <issue tracker="bnc" id="1112147">VUL-0: CVE-2018-3180: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: JSSE</issue>
  <issue tracker="bnc" id="1112146">VUL-0: CVE-2018-3169: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Hotspot</issue>
  <issue tracker="bnc" id="1112144">VUL-0: CVE-2018-3149: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: JNDI</issue>
  <issue tracker="bnc" id="1112143">VUL-0: CVE-2018-3139: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Networking</issue>
  <issue tracker="bnc" id="1112142">VUL-0: CVE-2018-3136: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Security</issue>
  <issue tracker="bnc" id="1112152">VUL-0: CVE-2018-3214: java-1_7_0-openjdk, java-1_8_0-openjdk: Unspecified vulnerability in subcomponent: Sound</issue>
  <issue tracker="bnc" id="1112153">VUL-0: CVE-2018-13785: java-1_7_0-openjdk, java-1_8_0-openjdk: Unspecified vulnerability in subcomponent: Deployment (libpng)</issue>
  <issue tracker="cve" id="2018-3214"/>
  <issue tracker="cve" id="2018-3169"/>
  <issue tracker="cve" id="2018-3180"/>
  <issue tracker="cve" id="2018-3149"/>
  <issue tracker="cve" id="2018-3183"/>
  <issue tracker="cve" id="2018-13785"/>
  <issue tracker="cve" id="2018-3139"/>
  <issue tracker="cve" id="2018-3136"/>
  <issue tracker="cve" id="2018-16435"/>
  <category>security</category>
  <rating>important</rating>
  <packager>fstrba</packager>
  <description>This update for java-1_8_0-openjdk to version 8u191 fixes the following issues:

Security issues fixed:

- CVE-2018-3136: Manifest better support (bsc#1112142)
- CVE-2018-3139: Better HTTP Redirection (bsc#1112143)
- CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)
- CVE-2018-3169: Improve field accesses (bsc#1112146)
- CVE-2018-3180: Improve TLS connections stability (bsc#1112147)
- CVE-2018-3214: Better RIFF reading support (bsc#1112152)
- CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)
- CVE-2018-3183: Improve script engine support (bsc#1112148)
- CVE-2018-16435: heap-based buffer overflow in SetData function in cmsIT8LoadFromFile
</description>
  <summary>Security update for java-1_8_0-openjdk</summary>
</patchinfo>
openSUSE Build Service is sponsored by