[SUSE-SU-2016:0390-1] Security update for java-1_8_0-ibm
Severity
Important
Affected Packages
5
CVEs
10
Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following security issues by updating to 8.0-2.10 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0475: An unspecified vulnerability related to the Libraries component has partial confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
| Package | Affected Version |
|---|---|
 pkg:rpm/suse/java-1_8_0-ibm?arch=x86_64&distro=sles-12&sp=1
|
< 1.8.0_sr2.10-7.1 |
|
pkg:rpm/suse/java-1_8_0-ibm?arch=s390x&distro=sles-12&sp=1
|
< 1.8.0_sr2.10-7.1 |
|
pkg:rpm/suse/java-1_8_0-ibm?arch=ppc64le&distro=sles-12&sp=1
|
< 1.8.0_sr2.10-7.1 |
|
pkg:rpm/suse/java-1_8_0-ibm-plugin?arch=x86_64&distro=sles-12&sp=1
|
< 1.8.0_sr2.10-7.1 |
|
pkg:rpm/suse/java-1_8_0-ibm-alsa?arch=x86_64&distro=sles-12&sp=1
|
< 1.8.0_sr2.10-7.1 |
- ID
- SUSE-SU-2016:0390-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20160390-1/
- Published
-
2016-02-09T10:02:25
(8 years ago) - Modified
-
2016-02-09T10:02:25
(8 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2015-611
-
ALAS-2015-615
-
ALAS-2016-643
-
ALAS-2016-645
-
ALAS-2016-647
-
ALAS-2016-651
-
ALAS-2016-654
-
ALAS-2016-661
-
DSA-3399-1
-
DSA-3436-1
-
DSA-3437-1
-
DSA-3443-1
-
DSA-3457-1
-
DSA-3458-1
-
DSA-3465-1
-
DSA-3491-1
-
DSA-3507-1
-
DSA-3688-1
-
DSA-3725-1
-
ELSA-2015-2594
-
ELSA-2015-2595
-
ELSA-2015-2596
-
ELSA-2016-0007
-
ELSA-2016-0008
-
ELSA-2016-0012
-
ELSA-2016-0049
-
ELSA-2016-0050
-
ELSA-2016-0053
-
ELSA-2016-0054
-
ELSA-2016-0067
-
FEDORA-2015-13668fff74
-
FEDORA-2015-1d87313b7c
-
FEDORA-2015-233750b6ab
-
FEDORA-2015-3461e976cb
-
FEDORA-2015-39499d9af8
-
FEDORA-2015-4ad4998d00
-
FEDORA-2015-501493d853
-
FEDORA-2015-5e52306c9c
-
FEDORA-2015-8a1243db75
-
FEDORA-2015-8c475f7169
-
FEDORA-2015-97fc1797fa
-
FEDORA-2015-ac8100927a
-
FEDORA-2015-c80ec85542
-
FEDORA-2015-ec2ddd15d7
-
FEDORA-2016-43735c33a7
-
FEDORA-2016-9a1c707b10
-
FREEBSD:10F7BC76-0335-4A88-B391-0B05B3A8CE1C
-
FREEBSD:1886E195-8B87-11E5-90E7-B499BAEBFEAF
-
GLSA-201603-09
-
GLSA-201603-14
-
GLSA-201605-06
-
GLSA-201610-08
-
GLSA-201611-08
-
GLSA-201701-46
-
GLSA-201706-18
-
GLSA-201801-15
-
RHSA-2015:2594
-
RHSA-2015:2595
-
RHSA-2015:2596
-
RHSA-2016:0007
-
RHSA-2016:0008
-
RHSA-2016:0012
-
RHSA-2016:0049
-
RHSA-2016:0050
-
RHSA-2016:0053
-
RHSA-2016:0054
-
RHSA-2016:0067
-
RHSA-2016:0098
-
RHSA-2016:0099
-
RHSA-2016:0101
-
SSA:2015-337-01
-
SSA:2015-349-02
-
SUSE-SU-2015:2013-1
-
SUSE-SU-2015:2017-1
-
SUSE-SU-2015:2024-1
-
SUSE-SU-2016:0027-1
-
SUSE-SU-2016:0041-1
-
SUSE-SU-2016:0050-1
-
SUSE-SU-2016:0061-1
-
SUSE-SU-2016:0149-1
-
SUSE-SU-2016:0189-1
-
SUSE-SU-2016:0256-1
-
SUSE-SU-2016:0265-1
-
SUSE-SU-2016:0269-1
-
SUSE-SU-2016:0399-1
-
SUSE-SU-2016:0401-1
-
SUSE-SU-2016:0428-1
-
SUSE-SU-2016:0431-1
-
SUSE-SU-2016:0433-1
-
SUSE-SU-2016:0584-1
-
SUSE-SU-2016:0636-1
-
SUSE-SU-2016:0770-1
-
USN-2815-1
-
USN-2861-1
-
USN-2863-1
-
USN-2864-1
-
USN-2865-1
-
USN-2866-1
-
USN-2884-1
-
USN-2885-1
-
USN-2904-1
-
USN-3227-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/java-1_8_0-ibm?arch=x86_64&distro=sles-12&sp=1 | suse |
java-1_8_0-ibm
|
< 1.8.0_sr2.10-7.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/java-1_8_0-ibm?arch=s390x&distro=sles-12&sp=1 | suse |
java-1_8_0-ibm
|
< 1.8.0_sr2.10-7.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/java-1_8_0-ibm?arch=ppc64le&distro=sles-12&sp=1 | suse |
java-1_8_0-ibm
|
< 1.8.0_sr2.10-7.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/java-1_8_0-ibm-plugin?arch=x86_64&distro=sles-12&sp=1 | suse |
java-1_8_0-ibm-plugin
|
< 1.8.0_sr2.10-7.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/java-1_8_0-ibm-alsa?arch=x86_64&distro=sles-12&sp=1 | suse |
java-1_8_0-ibm-alsa
|
< 1.8.0_sr2.10-7.1 | sles-12 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |