Overview

File _patchinfo of Package patchinfo.17674

<patchinfo incident="17674">
  <issue tracker="bnc" id="1180063">VUL-0: IBM Java October 2020 release</issue>
  <issue tracker="bnc" id="1177943">VUL-0: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Oracle October 2020 CPU</issue>
  <issue tracker="cve" id="2020-14779"/>
  <issue tracker="cve" id="2020-14798"/>
  <issue tracker="cve" id="2020-14796"/>
  <issue tracker="cve" id="2020-14792"/>
  <issue tracker="cve" id="2020-14782"/>
  <issue tracker="cve" id="2020-14803"/>
  <issue tracker="cve" id="2020-14781"/>
  <issue tracker="cve" id="2020-14797"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for java-1_7_1-ibm</summary>
  <description>This update for java-1_7_1-ibm fixes the following issues:

- Update to Java 7.1 Service Refresh 4 Fix Pack 75 [bsc#1180063, bsc#1177943]
  CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781
  CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803
  * Class Libraries:
    - Z/OS specific C function send_file is changing the file pointer position
  * Security:
    - Add the new oracle signer certificate
    - Certificate parsing error
    - JVM memory growth can be caused by the IBMPKCS11IMPL crypto provider
    - Remove check for websphere signed jars
    - sessionid.hashcode generates too many collisions
    - The Java 8 IBM certpath provider does not honor the user
      specified system property for CLR connect timeout
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places