Overview

File _patchinfo of Package patchinfo.20659

<patchinfo incident="20659">
  <issue tracker="cve" id="2021-2341"/>
  <issue tracker="cve" id="2021-2369"/>
  <issue tracker="cve" id="2021-2388"/>
  <issue tracker="cve" id="2021-2161"/>
  <issue tracker="bnc" id="1188565">VUL-0: CVE-2021-2369: java-1_8_0-openjdk,java-1_7_0-openjdk,java-11-openjdk: JAR file handling problem containing multiple MANIFEST.MF files</issue>
  <issue tracker="bnc" id="1188564">VUL-0: CVE-2021-2341: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw inside the FtpClient</issue>
  <issue tracker="bnc" id="1185056">VUL-0: CVE-2021-2161: java-11-openjdk,java-1_7_0-openjdk,java-1_8_0-openjdk: Incorrect handling of partially quoted arguments in ProcessBuilder on Windows</issue>
  <issue tracker="bnc" id="1188566">VUL-0: CVE-2021-2388: java-11-openjdk,java-1_8_0-openjdk: flaw inside the Hotspot component performed range check elimination</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-openjdk</summary>
  <description>This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u302 (icedtea 3.20.0)
- CVE-2021-2341: Improve file transfers. (bsc#1188564)
- CVE-2021-2369: Better jar file validation. (bsc#1188565)
- CVE-2021-2388: Enhance compiler validation. (bsc#1188566)
- CVE-2021-2161: Less ambiguous processing. (bsc#1185056)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places