exploitDog

SUSE-SU-2016:1250-1

Опубликовано: 06 мая 2016

Источник: suse-cvrf

Описание

Security update for java-1_7_0-openjdk

This update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues.

These security issues were fixed:

CVE-2016-0686: Ensure thread consistency (bsc#976340).
CVE-2016-0687: Better byte behavior (bsc#976340).
CVE-2016-0695: Make DSA more fair (bsc#976340).
CVE-2016-3425: Better buffering of XML strings (bsc#976340).
CVE-2016-3427: Improve JMX connections (bsc#976340).

Список пакетов

SUSE Linux Enterprise Desktop 12

java-1_7_0-openjdk-1.7.0.101-30.1

java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12 SP1

java-1_7_0-openjdk-1.7.0.101-30.1

java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Server 12

java-1_7_0-openjdk-1.7.0.101-30.1

java-1_7_0-openjdk-demo-1.7.0.101-30.1

java-1_7_0-openjdk-devel-1.7.0.101-30.1

java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Server 12 SP1

java-1_7_0-openjdk-1.7.0.101-30.1

java-1_7_0-openjdk-demo-1.7.0.101-30.1

java-1_7_0-openjdk-devel-1.7.0.101-30.1

java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Server for SAP Applications 12

java-1_7_0-openjdk-1.7.0.101-30.1

java-1_7_0-openjdk-demo-1.7.0.101-30.1

java-1_7_0-openjdk-devel-1.7.0.101-30.1

java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

java-1_7_0-openjdk-1.7.0.101-30.1

java-1_7_0-openjdk-demo-1.7.0.101-30.1

java-1_7_0-openjdk-devel-1.7.0.101-30.1

java-1_7_0-openjdk-headless-1.7.0.101-30.1

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20161250-1/
Link for SUSE-SU-2016:1250-1
https://lists.suse.com/pipermail/sle-security-updates/2016-May/002046.html
E-Mail link for SUSE-SU-2016:1250-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/976340
SUSE Bug 976340
https://www.suse.com/security/cve/CVE-2016-0686/
SUSE CVE CVE-2016-0686 page
https://www.suse.com/security/cve/CVE-2016-0687/
SUSE CVE CVE-2016-0687 page
https://www.suse.com/security/cve/CVE-2016-0695/
SUSE CVE CVE-2016-0695 page
https://www.suse.com/security/cve/CVE-2016-3425/
SUSE CVE CVE-2016-3425 page
https://www.suse.com/security/cve/CVE-2016-3427/
SUSE CVE CVE-2016-3427 page

Описание

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.101-30.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0686.html
CVE-2016-0686
https://bugzilla.suse.com/976340
SUSE Bug 976340
https://bugzilla.suse.com/979252
SUSE Bug 979252

Описание

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.101-30.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0687.html
CVE-2016-0687
https://bugzilla.suse.com/976340
SUSE Bug 976340
https://bugzilla.suse.com/979252
SUSE Bug 979252

Описание

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.101-30.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-0695.html
CVE-2016-0695
https://bugzilla.suse.com/976340
SUSE Bug 976340
https://bugzilla.suse.com/979252
SUSE Bug 979252

Описание

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.101-30.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-3425.html
CVE-2016-3425
https://bugzilla.suse.com/976340
SUSE Bug 976340
https://bugzilla.suse.com/979252
SUSE Bug 979252

Описание

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.101-30.1

SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.101-30.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-3427.html
CVE-2016-3427
https://bugzilla.suse.com/1011805
SUSE Bug 1011805
https://bugzilla.suse.com/976340
SUSE Bug 976340
https://bugzilla.suse.com/979252
SUSE Bug 979252

Уязвимость SUSE-SU-2016:1250-1