SUSE-SU-2020:0025-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:0025-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:0025-1
- Related
- Published
- 2020-01-07T12:53:58Z
- Modified
- 2020-01-07T12:53:58Z
- Summary
- Security update for java-1_8_0-openjdk
- Details
-
This update for java-180-openjdk fixes the following issues:
Update to version jdk8u232 (icedtea 3.14.0) (October 2019 CPU, bsc#1154212)
Security issues fixed:
- CVE-2019-2933: Windows file handling redux
- CVE-2019-2945: Better socket support
- CVE-2019-2949: Better Kerberos ccache handling
- CVE-2019-2958: Build Better Processes
- CVE-2019-2964: Better support for patterns
- CVE-2019-2962: Better Glyph Images
- CVE-2019-2973: Better pattern compilation
- CVE-2019-2975: Unexpected exception in jjs
- CVE-2019-2978: Improved handling of jar files
- CVE-2019-2981: Better Path supports
- CVE-2019-2983: Better serial attributes
- CVE-2019-2987: Better rendering of native glyphs
- CVE-2019-2988: Better Graphics2D drawing
- CVE-2019-2989: Improve TLS connection support
- CVE-2019-2992: Enhance font glyph mapping
- CVE-2019-2999: Commentary on Javadoc comments
- CVE-2019-2894: Enhance ECDSA operations (bsc#1152856)
Bug fixes:
- Add patch to fix hotspot-aarch64 (bsc#1138529).
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-20200025-1/
- https://bugzilla.suse.com/1138529
- https://bugzilla.suse.com/1152856
- https://bugzilla.suse.com/1154212
- https://www.suse.com/security/cve/CVE-2019-2894
- https://www.suse.com/security/cve/CVE-2019-2933
- https://www.suse.com/security/cve/CVE-2019-2945
- https://www.suse.com/security/cve/CVE-2019-2949
- https://www.suse.com/security/cve/CVE-2019-2958
- https://www.suse.com/security/cve/CVE-2019-2962
- https://www.suse.com/security/cve/CVE-2019-2964
- https://www.suse.com/security/cve/CVE-2019-2973
- https://www.suse.com/security/cve/CVE-2019-2975
- https://www.suse.com/security/cve/CVE-2019-2978
- https://www.suse.com/security/cve/CVE-2019-2981
- https://www.suse.com/security/cve/CVE-2019-2983
- https://www.suse.com/security/cve/CVE-2019-2987
- https://www.suse.com/security/cve/CVE-2019-2988
- https://www.suse.com/security/cve/CVE-2019-2989
- https://www.suse.com/security/cve/CVE-2019-2992
- https://www.suse.com/security/cve/CVE-2019-2999
Affected packages
SUSE:Linux Enterprise Desktop 12 SP4 / java-1_8_0-openjdk
Package
- Name
- java-1_8_0-openjdk
- Purl
- purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
SUSE:Linux Enterprise Server 12 SP4 / java-1_8_0-openjdk
Package
- Name
- java-1_8_0-openjdk
- Purl
- purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / java-1_8_0-openjdk
Package
- Name
- java-1_8_0-openjdk
- Purl
- purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
SUSE:Linux Enterprise Server 12 SP5 / java-1_8_0-openjdk
Package
- Name
- java-1_8_0-openjdk
- Purl
- purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5