Overview Repositories Revisions Requests Users Attributes Meta
Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk to version 8u212 fixes the following issues:

Security issues fixed:

- CVE-2019-2602: Better String parsing (bsc#1132728).
- CVE-2019-2684: More dynamic RMI interactions (bsc#1132732).
- CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID() (bsc#1132729).
- CVE-2019-2422: Better FileChannel (bsc#1122293).
- CVE-2018-11212: Improve JPEG (bsc#1122299).

Non-Security issue fixed:

- Disable LTO (bsc#1133135).
- Added Japanese new era name.

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Fixed bugs
CVE-2018-11212
CVE-2019-2426
CVE-2019-2422
CVE-2018-3639
CVE-2019-2684
CVE-2019-2698
CVE-2019-2602
bnc#1122299
VUL-1: CVE-2018-11212: libjpeg-turbo,libjpeg62-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
bnc#1122293
VUL-0: CVE-2019-2422: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: memory disclosure in FileChannelImpl
bnc#1132728
VUL-0: CVE-2019-2602: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw inside BigDecimal implementation (Component: Libraries)
bnc#1132732
VUL-0: CVE-2019-2684: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw was found in the RMI registry implementation
bnc#1133135
LTO: java-1_8_0-openjdk build fails
bnc#1132729
VUL-0: CVE-2019-2698: java-1_7_0-openjdk,java-1_8_0-openjdk: out of bounds access flaw in the 2D component
Selected Binaries
openSUSE Build Service is sponsored by
Places