openSUSE Build Service

Overview Details Repositories Revisions Requests Users Attributes Meta

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u151 (icedtea 3.6.0)

Security issues fixed:

- CVE-2017-10274: Handle smartcard clean up better (bsc#1064071)
- CVE-2017-10281: Better queuing priorities (bsc#1064072)
- CVE-2017-10285: Unreferenced references (bsc#1064073)
- CVE-2017-10295: Better URL connections (bsc#1064075)
- CVE-2017-10388: Correct Kerberos ticket grants (bsc#1064086)
- CVE-2017-10346: Better invokespecial checks (bsc#1064078)
- CVE-2017-10350: Better Base Exceptions (bsc#1064082)
- CVE-2017-10347: Better timezone processing (bsc#1064079)
- CVE-2017-10349: Better X processing (bsc#1064081)
- CVE-2017-10345: Better keystore handling (bsc#1064077)
- CVE-2017-10348: Better processing of unresolved permissions (bsc#1064080)
- CVE-2017-10357: Process Proxy presentation (bsc#1064085)
- CVE-2017-10355: More stable connection processing (bsc#1064083)
- CVE-2017-10356: Update storage implementations (bsc#1064084)
- CVE-2016-10165: Improve CMS header processing (bsc#1064069)
- CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library (bsc#1064070)

Bug fixes:

- Fix bsc#1032647, bsc#1052009 with btrfs subvolumes and overlayfs

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Submitted by Fridrich Strba (fstrba)

Fixed bugs

bnc#1064069

VUL-0: CVE-2016-10165: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent 2D (Little CMS 2)

bnc#1032647

OpenJDK: Cannot obtain FileStore if device of path is not in /proc/mounts

bnc#1064079

VUL-0: CVE-2017-10347: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization

bnc#1064081

VUL-0: CVE-2017-10349: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent JAXP

bnc#1064075

VUL-0: CVE-2017-10295: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Networking

bnc#1064077

VUL-0: CVE-2017-10345: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization

bnc#1064071

VUL-0: CVE-2017-10274: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Smart Card IO

bnc#1064070

VUL-0: CVE-2016-9841: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Util (zlib)

bnc#1064073

VUL-0: CVE-2017-10285: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent RMI

bnc#1064072

VUL-0: CVE-2017-10281: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization

bnc#1064084

VUL-0: CVE-2017-10356: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Security

bnc#1064085

VUL-0: CVE-2017-10357: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization

bnc#1064086

VUL-0: CVE-2017-10388: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Libraries

bnc#1064083

VUL-0: CVE-2017-10355: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Networking

bnc#1052009

java-1_8_0-openjdk: Files.getFileStore fails for files with overlayfs2, but succeeds for directories

bnc#1064078

VUL-0: CVE-2017-10346: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Hotspot

bnc#1064082

VUL-0: CVE-2017-10350: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent JAX-WS

bnc#1064080

VUL-0: CVE-2017-10348: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Libraries

Places

Fixed bugs

Selected Binaries

Places