Overview

File _patchinfo of Package patchinfo.13455

<patchinfo incident="13455">
  <issue tracker="bnc" id="1138529">[aarch64] Bazel 0.19.2 fails to build with JRE internal error on some workers (ThunderX1 and OverDrive 1000)</issue>
  <issue tracker="bnc" id="1154212">VUL-0: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Oracle 2019 October CPU</issue>
  <issue tracker="bnc" id="1152856">VUL-0: CVE-2019-2894: java-1_7_0-openjdk,java-11-openjdk,java-10-openjdk: Minerva: ECDSA key recovery from bit-length leakage</issue>
  <issue tracker="cve" id="2019-2975"/>
  <issue tracker="cve" id="2019-2987"/>
  <issue tracker="cve" id="2019-2964"/>
  <issue tracker="cve" id="2019-2958"/>
  <issue tracker="cve" id="2019-2999"/>
  <issue tracker="cve" id="2019-2973"/>
  <issue tracker="cve" id="2019-2933"/>
  <issue tracker="cve" id="2019-2978"/>
  <issue tracker="cve" id="2019-2949"/>
  <issue tracker="cve" id="2019-2945"/>
  <issue tracker="cve" id="2019-2988"/>
  <issue tracker="cve" id="2019-2989"/>
  <issue tracker="cve" id="2019-2894"/>
  <issue tracker="cve" id="2019-2981"/>
  <issue tracker="cve" id="2019-2992"/>
  <issue tracker="cve" id="2019-2983"/>
  <issue tracker="cve" id="2019-2962"/>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-openjdk</summary>
  <description>This update for java-1_8_0-openjdk (jdk8u232/icedtea 3.14.0) fixes the following issues:

Security issues fixed (bsc#1154212):

- CVE-2019-2933: Windows file handling redux
- CVE-2019-2945: Better socket support
- CVE-2019-2949: Better Kerberos ccache handling
- CVE-2019-2958: Build Better Processes
- CVE-2019-2964: Better support for patterns
- CVE-2019-2962: Better Glyph Images
- CVE-2019-2973: Better pattern compilation
- CVE-2019-2975: Unexpected exception in jjs
- CVE-2019-2978: Improved handling of jar files
- CVE-2019-2981: Better Path supports
- CVE-2019-2983: Better serial attributes
- CVE-2019-2987: Better rendering of native glyphs
- CVE-2019-2988: Better Graphics2D drawing
- CVE-2019-2989: Improve TLS connection support
- CVE-2019-2992: Enhance font glyph mapping
- CVE-2019-2999: Commentary on Javadoc comments
- CVE-2019-2894: Enhance ECDSA operations (bsc#1152856)

Bug fixes:

- Fixed build failuers on ARM (bsc#1138529).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places