Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:4506-1

Опубликовано: 21 нояб. 2023
Источник: suse-cvrf

Описание

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u392 (icedtea-3.29.0) October 2023 CPU:

  • CVE-2023-22067: Fixed IOR deserialization issue in CORBA (bsc#1216379).
  • CVE-2023-22081: Fixed certificate path validation issue during client authentication (bsc#1216374).
  • CVE-2015-4000: Fixed Logjam issue in SLES12SP5 (bsc#1211968).

Список пакетов

Container containers/apache-tomcat:9-openjdk8
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Image tomcat_15_6
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Enterprise Storage 7.1
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Module for Legacy 15 SP4
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Module for Legacy 15 SP5
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Server 15 SP1-LTSS
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Server 15 SP2-LTSS
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Server 15 SP3-LTSS
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
openSUSE Leap 15.4
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-accessibility-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-javadoc-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-src-1.8.0.392-150000.3.85.1
openSUSE Leap 15.5
java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-accessibility-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-demo-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-devel-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-javadoc-1.8.0.392-150000.3.85.1
java-1_8_0-openjdk-src-1.8.0.392-150000.3.85.1

Ссылки

Описание

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

Затронутые продукты
Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Ссылки

Описание

unknown

Затронутые продукты
Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Ссылки

Описание

unknown

Затронутые продукты
Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.392-150000.3.85.1
Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.392-150000.3.85.1
Ссылки
Уязвимость SUSE-SU-2023:4506-1