Overview

File _patchinfo of Package patchinfo.1890

<patchinfo incident="1890">
  <issue id="962743" tracker="bnc">VUL-0: Oracle Critical Patch Update Advisory - January 2016 tracker bug</issue>
  <issue tracker="bnc" id="960996">VUL-0: CVE-2015-7575: SLOTH: Security Losses from Obsolete and Truncated Transcript Hashes</issue>
  <issue id="CVE-2015-7575" tracker="cve" />
  <issue id="CVE-2015-8126" tracker="cve" />
  <issue id="CVE-2016-0402" tracker="cve" />
  <issue id="CVE-2016-0448" tracker="cve" />
  <issue id="CVE-2016-0466" tracker="cve" />
  <issue id="CVE-2016-0475" tracker="cve" />
  <issue id="CVE-2016-0483" tracker="cve" />
  <issue id="CVE-2016-0494" tracker="cve" />
  <category>security</category>
  <rating>critical</rating>
  <packager>fstrba</packager>
  <description>java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. (bsc#962743)
    
The following vulnerabilities were fixed:

- CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996)
- CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays
- CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix
- CVE-2016-0402: Vulnerability in the Networking component related to URL processing
- CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing
- CVE-2016-0466: Vulnerability in the JAXP component, related to limits
- CVE-2016-0483: Vulnerability in the AWT component related to image decoding
- CVE-2016-0494: Vulnerability in 2D component related to font actions
</description>
  <summary>Security update for java-1_8_0-openjdk</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places