File _patchinfo of Package patchinfo.6010

<patchinfo incident="6010">
  <issue id="1064069" tracker="bnc">VUL-0: CVE-2016-10165: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent 2D (Little CMS 2)</issue>
  <issue id="1032647" tracker="bnc">OpenJDK: Cannot obtain FileStore if device of path is not in /proc/mounts</issue>
  <issue id="1064079" tracker="bnc">VUL-0: CVE-2017-10347: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization</issue>
  <issue id="1064081" tracker="bnc">VUL-0: CVE-2017-10349: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent JAXP</issue>
  <issue id="1064075" tracker="bnc">VUL-0: CVE-2017-10295: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Networking</issue>
  <issue id="1064077" tracker="bnc">VUL-0: CVE-2017-10345: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization</issue>
  <issue id="1064071" tracker="bnc">VUL-0: CVE-2017-10274: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Smart Card IO</issue>
  <issue id="1064070" tracker="bnc">VUL-0: CVE-2016-9841: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Util (zlib)</issue>
  <issue id="1064073" tracker="bnc">VUL-0: CVE-2017-10285: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent RMI</issue>
  <issue id="1064072" tracker="bnc">VUL-0: CVE-2017-10281: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization</issue>
  <issue id="1064084" tracker="bnc">VUL-0: CVE-2017-10356: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Security</issue>
  <issue id="1064085" tracker="bnc">VUL-0: CVE-2017-10357: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Serialization</issue>
  <issue id="1064086" tracker="bnc">VUL-0: CVE-2017-10388: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Libraries</issue>
  <issue id="1064083" tracker="bnc">VUL-0: CVE-2017-10355: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Networking</issue>
  <issue id="1052009" tracker="bnc">java-1_8_0-openjdk:  Files.getFileStore fails for files with overlayfs2, but succeeds for directories</issue>
  <issue id="1064078" tracker="bnc">VUL-0: CVE-2017-10346: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Hotspot</issue>
  <issue id="1064082" tracker="bnc">VUL-0: CVE-2017-10350: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent JAX-WS</issue>
  <issue id="1064080" tracker="bnc">VUL-0: CVE-2017-10348: java-1_8_0-openjdk,java-1_7_0-openjdk: issue inside subcomponent Libraries</issue>
  <issue id="2017-10349" tracker="cve" />
  <issue id="2017-10274" tracker="cve" />
  <issue id="2017-10388" tracker="cve" />
  <issue id="2017-10348" tracker="cve" />
  <issue id="2017-10345" tracker="cve" />
  <issue id="2017-10350" tracker="cve" />
  <issue id="2017-10285" tracker="cve" />
  <issue id="2017-10356" tracker="cve" />
  <issue id="2017-10357" tracker="cve" />
  <issue id="2017-10295" tracker="cve" />
  <issue id="2017-10355" tracker="cve" />
  <issue id="2016-9841" tracker="cve" />
  <issue id="2017-10347" tracker="cve" />
  <issue id="2016-9840" tracker="cve" />
  <issue id="2016-10165" tracker="cve" />
  <issue id="2016-9842" tracker="cve" />
  <issue id="2016-9843" tracker="cve" />
  <issue id="2017-10346" tracker="cve" />
  <issue id="2017-10281" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>fstrba</packager>
  <description>This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u151 (icedtea 3.6.0)

Security issues fixed:

- CVE-2017-10274: Handle smartcard clean up better (bsc#1064071)
- CVE-2017-10281: Better queuing priorities (bsc#1064072)
- CVE-2017-10285: Unreferenced references (bsc#1064073)
- CVE-2017-10295: Better URL connections (bsc#1064075)
- CVE-2017-10388: Correct Kerberos ticket grants (bsc#1064086)
- CVE-2017-10346: Better invokespecial checks (bsc#1064078)
- CVE-2017-10350: Better Base Exceptions (bsc#1064082)
- CVE-2017-10347: Better timezone processing (bsc#1064079)
- CVE-2017-10349: Better X processing (bsc#1064081)
- CVE-2017-10345: Better keystore handling (bsc#1064077)
- CVE-2017-10348: Better processing of unresolved permissions (bsc#1064080)
- CVE-2017-10357: Process Proxy presentation (bsc#1064085)
- CVE-2017-10355: More stable connection processing (bsc#1064083)
- CVE-2017-10356: Update storage implementations (bsc#1064084)
- CVE-2016-10165: Improve CMS header processing (bsc#1064069)
- CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library (bsc#1064070)

Bug fixes:

- Fix bsc#1032647, bsc#1052009 with btrfs subvolumes and overlayfs
</description>
  <summary>Security update for java-1_8_0-openjdk</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.6010

Places
