openSUSE Build Service

File _patchinfo of Package patchinfo

<patchinfo incident="9429">
  <issue tracker="bnc" id="1112147">VUL-0: CVE-2018-3180: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: JSSE</issue>
  <issue tracker="bnc" id="1112146">VUL-0: CVE-2018-3169: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Hotspot</issue>
  <issue tracker="bnc" id="1112144">VUL-0: CVE-2018-3149: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: JNDI</issue>
  <issue tracker="bnc" id="1112143">VUL-0: CVE-2018-3139: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Networking</issue>
  <issue tracker="bnc" id="1112142">VUL-0: CVE-2018-3136: java-1_7_0-openjdk, java-1_8_0-openjdk, java-11-openjdk: Unspecified vulnerability in subcomponent: Security</issue>
  <issue tracker="bnc" id="1112152">VUL-0: CVE-2018-3214: java-1_7_0-openjdk, java-1_8_0-openjdk: Unspecified vulnerability in subcomponent: Sound</issue>
  <issue tracker="bnc" id="1112153">VUL-0: CVE-2018-13785: java-1_7_0-openjdk, java-1_8_0-openjdk: Unspecified vulnerability in subcomponent: Deployment (libpng)</issue>
  <issue tracker="bnc" id="1101645">VUL-0: CVE-2018-2940: java-1_7_0-openjdk, java-1_8_0-openjdk, java-10-openjdk: Unspecified vulnerability in subcomponent Libraries</issue>
  <issue tracker="bnc" id="1101644">VUL-0: CVE-2018-2938: java-1_7_0-openjdk, java-1_8_0-openjdk: Unspecified vulnerability in subcomponent Java DB</issue>
  <issue tracker="bnc" id="1101656">VUL-0: CVE-2018-2973: java-1_7_0-openjdk, java-1_8_0-openjdk, java-10-openjdk: Unspecified vulnerability in subcomponent JSSE</issue>
  <issue tracker="bnc" id="1101651">VUL-0: CVE-2018-2952: java-1_7_0-openjdk, java-1_8_0-openjdk, java-10-openjdk: Unspecified vulnerability in subcomponent Concurrency</issue>
  <issue tracker="cve" id="2018-2938"/>
  <issue tracker="cve" id="2018-3214"/>
  <issue tracker="cve" id="2018-2973"/>
  <issue tracker="cve" id="2018-3169"/>
  <issue tracker="cve" id="2018-3180"/>
  <issue tracker="cve" id="2018-3639"/>
  <issue tracker="cve" id="2018-13785"/>
  <issue tracker="cve" id="2018-3149"/>
  <issue tracker="cve" id="2018-3139"/>
  <issue tracker="cve" id="2018-3136"/>
  <issue tracker="cve" id="2018-2952"/>
  <issue tracker="cve" id="2018-2940"/>
  <issue tracker="cve" id="2018-16435"/>
  <category>security</category>
  <rating>important</rating>
  <packager>fstrba</packager>
  <description>This update for java-1_7_0-openjdk to version 7u201 fixes the following issues:

Security issues fixed:

- CVE-2018-3136: Manifest better support (bsc#1112142)
- CVE-2018-3139: Better HTTP Redirection (bsc#1112143)
- CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)
- CVE-2018-3169: Improve field accesses (bsc#1112146)
- CVE-2018-3180: Improve TLS connections stability (bsc#1112147)
- CVE-2018-3214: Better RIFF reading support (bsc#1112152)
- CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)
- CVE-2018-16435: heap-based buffer overflow in SetData function in cmsIT8LoadFromFile
- CVE-2018-2938: Support Derby connections (bsc#1101644)
- CVE-2018-2940: Better stack walking (bsc#1101645)
- CVE-2018-2952: Exception to Pattern Syntax (bsc#1101651)
- CVE-2018-2973: Improve LDAP support (bsc#1101656)
- CVE-2018-3639 cpu speculative store bypass mitigation

This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for java-1_7_0-openjdk</summary>
<stopped>review sles text</stopped>
</patchinfo>
Places

File _patchinfo of Package patchinfo

Places
