Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for java-1_7_0-openjdk

java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743)

- CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed
- CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996)
- CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays
- CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix
- CVE-2016-0402: Vulnerability in the Networking component related to URL processing
- CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing
- CVE-2016-0466: Vulnerability in the JAXP component, related to limits
- CVE-2016-0483: Vulnerability in the AWT component related to image decoding
- CVE-2016-0494: Vulnerability in 2D component related to font actions

The following bugs were fixed:

- bsc#939523: java-1_7_0-openjdk-headless had X dependencies, move libjavagtk to full package

This update was imported from the SUSE:SLE-12:Update update project.

Fixed bugs
bnc#962743
VUL-0: Oracle Critical Patch Update Advisory - January 2016 tracker bug
bnc#939523
java-1_7_0-openjdk-headless update isn't headless anymore
bnc#960996
VUL-0: CVE-2015-7575: SLOTH: Security Losses from Obsolete and Truncated Transcript Hashes
CVE-CVE-2015-4871
CVE-CVE-2015-7575
CVE-CVE-2015-8126
CVE-CVE-2015-8472
CVE-CVE-2016-0402
CVE-CVE-2016-0448
CVE-CVE-2016-0466
CVE-CVE-2016-0483
CVE-CVE-2016-0494
Selected Binaries
openSUSE Build Service is sponsored by
Places