SUSE-SU-2020:3310-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203310-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3310-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3310-1
Related
Published
2020-11-12T15:04:09Z
Modified
2020-11-12T15:04:09Z
Summary
Security update for java-1_7_0-openjdk
Details

This update for java-170-openjdk fixes the following issues:

  • Update to 2.6.24 - OpenJDK 7u281 (October 2020 CPU, bsc#1177943)
    • Security fixes
      • JDK-8233624: Enhance JNI linkage
      • JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
      • JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
      • JDK-8237995, CVE-2020-14782: Enhance certificate processing
      • JDK-8240124: Better VM Interning
      • JDK-8241114, CVE-2020-14792: Better range handling
      • JDK-8242680, CVE-2020-14796: Improved URI Support
      • JDK-8242685, CVE-2020-14797: Better Path Validation
      • JDK-8242695, CVE-2020-14798: Enhanced buffer support
      • JDK-8243302: Advanced class supports
      • JDK-8244136, CVE-2020-14803: Improved Buffer supports
      • JDK-8244479: Further constrain certificates
      • JDK-8244955: Additional Fix for JDK-8240124
      • JDK-8245407: Enhance zoning of times
      • JDK-8245412: Better class definitions
      • JDK-8245417: Improve certificate chain handling
      • JDK-8248574: Improve jpeg processing
      • JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
      • JDK-8253019: Enhanced JPEG decoding
    • Import of OpenJDK 7 u281 build 1
      • JDK-8145096: Undefined behaviour in HotSpot
      • JDK-8215265: C2: range check elimination may allow illegal out of bound access
    • Backports
      • JDK-8250861, PR3812: Crash in MinINode::Ideal(PhaseGVN*, bool)
References

Affected packages

SUSE:HPE Helion OpenStack 8 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=HPE%20Helion%20OpenStack%208

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:OpenStack Cloud 7 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:OpenStack Cloud 8 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%208

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:OpenStack Cloud 9 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 8 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-LTSS / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3-LTSS / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3-BCL / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}

SUSE:Enterprise Storage 5 / java-1_7_0-openjdk

Package

Name
java-1_7_0-openjdk
Purl
purl:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Enterprise%20Storage%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0.281-43.44.2

Ecosystem specific

{
    "binaries": [
        {
            "java-1_7_0-openjdk-demo": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-headless": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk-devel": "1.7.0.281-43.44.2",
            "java-1_7_0-openjdk": "1.7.0.281-43.44.2"
        }
    ]
}