openSUSE-SU-2021:1480-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:1480-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2021:1480-1
- Upstream
- Related
- Published
- 2021-11-17T09:19:09Z
- Modified
- 2025-05-07T18:12:59.635868Z
- Summary
- Security update for java-11-openjdk
- Details
-
This update for java-11-openjdk fixes the following issues:
Update to 11.0.13+8 (October 2021 CPU)
- CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference
- CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close
- CVE-2021-35556, bsc#1191910: Richer Text Editors
- CVE-2021-35559, bsc#1191911: Enhanced style for RTF kit
- CVE-2021-35561, bsc#1191912: Better hashing support
- CVE-2021-35564, bsc#1191913: Improve Keystore integrity
- CVE-2021-35567, bsc#1191903: More Constrained Delegation
- CVE-2021-35578, bsc#1191904: Improve TLS client handshaking
- CVE-2021-35586, bsc#1191914: Better BMP support
- CVE-2021-35603, bsc#1191906: Better session identification
- Improve Stream handling for SSL
- Improve requests of certificates
- Correct certificate requests
- Enhance DTLS client handshake
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/443XZX47COH5AR2HZJWHHPFLGZ7FL7SI/
- https://bugzilla.suse.com/1191901
- https://bugzilla.suse.com/1191903
- https://bugzilla.suse.com/1191904
- https://bugzilla.suse.com/1191906
- https://bugzilla.suse.com/1191909
- https://bugzilla.suse.com/1191910
- https://bugzilla.suse.com/1191911
- https://bugzilla.suse.com/1191912
- https://bugzilla.suse.com/1191913
- https://bugzilla.suse.com/1191914
- https://www.suse.com/security/cve/CVE-2021-35550
- https://www.suse.com/security/cve/CVE-2021-35556
- https://www.suse.com/security/cve/CVE-2021-35559
- https://www.suse.com/security/cve/CVE-2021-35561
- https://www.suse.com/security/cve/CVE-2021-35564
- https://www.suse.com/security/cve/CVE-2021-35565
- https://www.suse.com/security/cve/CVE-2021-35567
- https://www.suse.com/security/cve/CVE-2021-35578
- https://www.suse.com/security/cve/CVE-2021-35586
- https://www.suse.com/security/cve/CVE-2021-35603
Affected packages
openSUSE:Leap 15.2 / java-11-openjdk
Package
- Name
- java-11-openjdk
- Purl
- pkg:rpm/opensuse/java-11-openjdk&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed11.0.13.0-lp152.2.21.2
Ecosystem specific
{
"binaries": [
{
"java-11-openjdk-javadoc": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk-jmods": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk-src": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk-headless": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk-demo": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk-devel": "11.0.13.0-lp152.2.21.2",
"java-11-openjdk-accessibility": "11.0.13.0-lp152.2.21.2"
}
]
}