Overview

File _patchinfo of Package patchinfo.11161

<patchinfo incident="11161">
  <issue tracker="bnc" id="1132729">VUL-0: CVE-2019-2698: java-1_7_0-openjdk,java-1_8_0-openjdk: out of bounds access flaw in the 2D component</issue>
  <issue tracker="bnc" id="1132728">VUL-0: CVE-2019-2602: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw inside BigDecimal implementation (Component: Libraries)</issue>
  <issue tracker="bnc" id="1132732">VUL-0: CVE-2019-2684: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw was found in the RMI registry implementation</issue>
  <issue tracker="bnc" id="1122299">VUL-1: CVE-2018-11212: libjpeg-turbo,libjpeg62-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c</issue>
  <issue tracker="bnc" id="1122293">VUL-0: CVE-2019-2422: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: memory disclosure in FileChannelImpl</issue>
  <issue tracker="bnc" id="1134297">VUL-0: CVE-2019-2426: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Improve web server connections (subcomponent: Networking)</issue>
  <issue tracker="cve" id="2019-2602"/>
  <issue tracker="cve" id="2019-2422"/>
  <issue tracker="cve" id="2019-2684"/>
  <issue tracker="cve" id="2018-11212"/>
  <issue tracker="cve" id="2019-2698"/>
  <issue tracker="cve" id="2019-2426"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>fstrba</packager>
  <description>This update for java-1_7_0-openjdk fixes the following issues:

Update to 2.6.18 - OpenJDK 7u221 (April 2019 CPU)

Security issues fixed:

- CVE-2019-2602: Fixed flaw inside BigDecimal implementation (Component: Libraries) (bsc#1132728).
- CVE-2019-2684: Fixed flaw inside the RMI registry implementation (bsc#1132732).
- CVE-2019-2698: Fixed out of bounds access flaw in the 2D component (bsc#1132729).
- CVE-2019-2422: Fixed memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed a Divide By Zero in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2019-2426: Improve web server connections (bsc#1134297).

Bug fixes:

- Please check the package Changelog for detailed information.
</description>
  <summary>Security update for java-1_7_0-openjdk</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places