Overview

File _patchinfo of Package patchinfo.10970

<patchinfo incident="10970">
  <issue tracker="cve" id="2019-2684"/>
  <issue tracker="cve" id="2019-2602"/>
  <issue tracker="bnc" id="1132728">VUL-0: CVE-2019-2602: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw inside BigDecimal implementation (Component: Libraries)</issue>
  <issue tracker="bnc" id="1132732">VUL-0: CVE-2019-2684: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: flaw was found in the RMI registry implementation</issue>
  <packager>fstrba</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for java-11-openjdk</summary>
  <description>This update for java-11-openjdk to version 11.0.3+7 fixes the following issues:

Security issues fixed:

- CVE-2019-2602: Fixed excessive use of CPU time in the BigDecimal implementation (bsc#1132728).
- CVE-2019-2684: Fixed a flaw in the RMI registry implementation which could lead to selection of an incorrect skeleton class (bsc#1132732).

Non-security issues fixed:

- Multiple bug fixes and improvements.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places