SUSE-SU-2020:3310-1
- Source
- https://www.suse.com/support/update/announcement/2020/suse-su-20203310-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3310-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:3310-1
- Upstream
- Related
- Published
- 2020-11-12T15:04:09Z
- Modified
- 2025-05-02T04:09:53.657046Z
- Summary
- Security update for java-1_7_0-openjdk
- Details
-
This update for java-170-openjdk fixes the following issues:
- Update to 2.6.24 - OpenJDK 7u281 (October 2020 CPU, bsc#1177943)
- Security fixes
- JDK-8233624: Enhance JNI linkage
- JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
- JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
- JDK-8237995, CVE-2020-14782: Enhance certificate processing
- JDK-8240124: Better VM Interning
- JDK-8241114, CVE-2020-14792: Better range handling
- JDK-8242680, CVE-2020-14796: Improved URI Support
- JDK-8242685, CVE-2020-14797: Better Path Validation
- JDK-8242695, CVE-2020-14798: Enhanced buffer support
- JDK-8243302: Advanced class supports
- JDK-8244136, CVE-2020-14803: Improved Buffer supports
- JDK-8244479: Further constrain certificates
- JDK-8244955: Additional Fix for JDK-8240124
- JDK-8245407: Enhance zoning of times
- JDK-8245412: Better class definitions
- JDK-8245417: Improve certificate chain handling
- JDK-8248574: Improve jpeg processing
- JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
- JDK-8253019: Enhanced JPEG decoding
- Import of OpenJDK 7 u281 build 1
- JDK-8145096: Undefined behaviour in HotSpot
- JDK-8215265: C2: range check elimination may allow illegal out of bound access
- Backports
- JDK-8250861, PR3812: Crash in MinINode::Ideal(PhaseGVN*, bool)
- Security fixes
- Update to 2.6.24 - OpenJDK 7u281 (October 2020 CPU, bsc#1177943)
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-20203310-1/
- https://bugzilla.suse.com/1177943
- https://www.suse.com/security/cve/CVE-2020-14779
- https://www.suse.com/security/cve/CVE-2020-14781
- https://www.suse.com/security/cve/CVE-2020-14782
- https://www.suse.com/security/cve/CVE-2020-14792
- https://www.suse.com/security/cve/CVE-2020-14796
- https://www.suse.com/security/cve/CVE-2020-14797
- https://www.suse.com/security/cve/CVE-2020-14798
- https://www.suse.com/security/cve/CVE-2020-14803
Affected packages
SUSE:Enterprise Storage 5
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Enterprise%20Storage%205
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:HPE Helion OpenStack 8
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=HPE%20Helion%20OpenStack%208
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server 12 SP2-BCL
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server 12 SP2-LTSS
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server 12 SP3-BCL
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server 12 SP3-LTSS
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server 12 SP4-LTSS
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server 12 SP5
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server for SAP Applications 12 SP2
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server for SAP Applications 12 SP3
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server for SAP Applications 12 SP4
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:Linux Enterprise Server for SAP Applications 12 SP5
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:OpenStack Cloud 7
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:OpenStack Cloud 8
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%208
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:OpenStack Cloud 9
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%209
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:OpenStack Cloud Crowbar 8
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2
SUSE:OpenStack Cloud Crowbar 9
java-1_7_0-openjdk
Package
- Name
- java-1_7_0-openjdk
- Purl
- pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0.281-43.44.2