File _patchinfo of Package patchinfo.10711
<patchinfo incident="10711">
<issue tracker="cve" id="2019-2769"/>
<issue tracker="cve" id="2019-2786"/>
<issue tracker="cve" id="2019-7317"/>
<issue tracker="cve" id="2019-2766"/>
<issue tracker="cve" id="2019-2842"/>
<issue tracker="cve" id="2019-2745"/>
<issue tracker="cve" id="2019-2762"/>
<issue tracker="cve" id="2019-2816"/>
<issue tracker="bnc" id="1141780">VUL-0: CVE-2019-7317: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component AWT (libpng)</issue>
<issue tracker="bnc" id="1141789">VUL-0: CVE-2019-2766: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Networking</issue>
<issue tracker="bnc" id="1115375">java-*-javadoc installation fails with excludedocs=true</issue>
<issue tracker="bnc" id="1141784">VUL-0: CVE-2019-2745: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Security</issue>
<issue tracker="bnc" id="1141782">VUL-0: CVE-2019-2762: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Utilities</issue>
<issue tracker="bnc" id="1141785">VUL-0: CVE-2019-2816: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Networking</issue>
<issue tracker="bnc" id="1141786">VUL-0: CVE-2019-2842: java-1_8_0-openjdk: Issue inside Component JCE</issue>
<issue tracker="bnc" id="1141787">VUL-0: CVE-2019-2786: java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Security</issue>
<issue tracker="bnc" id="1141783">VUL-0: CVE-2019-2769: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk: Issue inside Component Utilities</issue>
<packager>fstrba</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for java-1_8_0-openjdk</summary>
<description>This update for java-1_8_0-openjdk to version 8u222 fixes the following issues:
Security issues fixed:
- CVE-2019-2745: Improved ECC Implementation (bsc#1141784).
- CVE-2019-2762: Exceptional throw cases (bsc#1141782).
- CVE-2019-2766: Improve file protocol handling (bsc#1141789).
- CVE-2019-2769: Better copies of CopiesList (bsc#1141783).
- CVE-2019-2786: More limited privilege usage (bsc#1141787).
- CVE-2019-2816: Normalize normalization (bsc#1141785).
- CVE-2019-2842: Extended AES support (bsc#1141786).
- CVE-2019-7317: Improve PNG support (bsc#1141780).
- Certificate validation improvements
Non-security issue fixed:
- Fixed an issue where the installation failed when the manpages are not present (bsc#1115375)
This update was imported from the SUSE:SLE-15:Update update project.</description>
</patchinfo>