Overview

File _patchinfo of Package patchinfo.11983

<patchinfo incident="11983">
  <issue tracker="cve" id="2019-2426"/>
  <issue tracker="cve" id="2019-2816"/>
  <issue tracker="cve" id="2019-2762"/>
  <issue tracker="cve" id="2019-2769"/>
  <issue tracker="cve" id="2019-2842"/>
  <issue tracker="cve" id="2018-3639"/>
  <issue tracker="cve" id="2019-2766"/>
  <issue tracker="cve" id="2019-7317"/>
  <issue tracker="cve" id="2019-2786"/>
  <issue tracker="cve" id="2019-2745"/>
  <issue tracker="bnc" id="1141787">VUL-0: CVE-2019-2786: java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Security</issue>
  <issue tracker="bnc" id="1141785">VUL-0: CVE-2019-2816: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Networking</issue>
  <issue tracker="bnc" id="1141782">VUL-0: CVE-2019-2762: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Utilities</issue>
  <issue tracker="bnc" id="1141784">VUL-0: CVE-2019-2745: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Security</issue>
  <issue tracker="bnc" id="1134297">VUL-0: CVE-2019-2426: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Improve web server connections (subcomponent: Networking)</issue>
  <issue tracker="bnc" id="1141780">VUL-0: CVE-2019-7317: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component AWT (libpng)</issue>
  <issue tracker="bnc" id="1141789">VUL-0: CVE-2019-2766: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Networking</issue>
  <issue tracker="bnc" id="1141783">VUL-0: CVE-2019-2769: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Utilities</issue>
  <issue tracker="bnc" id="1141786">VUL-0: CVE-2019-2842: java-1_8_0-openjdk: Issue inside Component JCE</issue>
  <issue tracker="bnc" id="1087082">VUL-0: CVE-2018-3639: V4 - Speculative Store Bypass aka "Memory Disambiguation"</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_7_0-openjdk</summary>
  <description>This update for java-1_7_0-openjdk to version 7u231 fixes the following issues:

Security issues fixed:

- CVE_2019-2426: Improve web server connections (bsc#1134297).
- CVE-2019-2745: Improved ECC Implementation (bsc#1141784).
- CVE-2019-2762: Exceptional throw cases (bsc#1141782).
- CVE-2019-2766: Improve file protocol handling (bsc#1141789).
- CVE-2019-2769: Better copies of CopiesList (bsc#1141783).
- CVE-2019-2786: More limited privilege usage (bsc#1141787).
- CVE-2019-2816: Normalize normalization (bsc#1141785).
- CVE-2019-2842: Extended AES support (bsc#1141786).
- CVE-2019-7317: Improve PNG support (bsc#1141780).
- CVE-2018-3639: fix revision to prefer PR_SPEC_DISABLE_NOEXEC to PR_SPEC_DISABLE (bsc#1087082).
- Certificate validation improvements
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places