[SUSE-SU-2016:0390-1] Security update for java-1_8_0-ibm
Severity
Important
Affected Packages
5
CVEs
10
Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following security issues by updating to 8.0-2.10 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0475: An unspecified vulnerability related to the Libraries component has partial confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
Package | Affected Version |
---|---|
pkg:rpm/suse/java-1_8_0-ibm?arch=x86_64&distro=sles-12&sp=1 | < 1.8.0_sr2.10-7.1 |
pkg:rpm/suse/java-1_8_0-ibm?arch=s390x&distro=sles-12&sp=1 | < 1.8.0_sr2.10-7.1 |
pkg:rpm/suse/java-1_8_0-ibm?arch=ppc64le&distro=sles-12&sp=1 | < 1.8.0_sr2.10-7.1 |
pkg:rpm/suse/java-1_8_0-ibm-plugin?arch=x86_64&distro=sles-12&sp=1 | < 1.8.0_sr2.10-7.1 |
pkg:rpm/suse/java-1_8_0-ibm-alsa?arch=x86_64&distro=sles-12&sp=1 | < 1.8.0_sr2.10-7.1 |
- ID
- SUSE-SU-2016:0390-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20160390-1/
- Published
-
2016-02-09T10:02:25
(8 years ago) - Modified
-
2016-02-09T10:02:25
(8 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2015-611
- ALAS-2015-615
- ALAS-2016-643
- ALAS-2016-645
- ALAS-2016-647
- ALAS-2016-651
- ALAS-2016-654
- ALAS-2016-661
- DSA-3399-1
- DSA-3436-1
- DSA-3437-1
- DSA-3443-1
- DSA-3457-1
- DSA-3458-1
- DSA-3465-1
- DSA-3491-1
- DSA-3507-1
- DSA-3688-1
- DSA-3725-1
- ELSA-2015-2594
- ELSA-2015-2595
- ELSA-2015-2596
- ELSA-2016-0007
- ELSA-2016-0008
- ELSA-2016-0012
- ELSA-2016-0049
- ELSA-2016-0050
- ELSA-2016-0053
- ELSA-2016-0054
- ELSA-2016-0067
- FEDORA-2015-13668fff74
- FEDORA-2015-1d87313b7c
- FEDORA-2015-233750b6ab
- FEDORA-2015-3461e976cb
- FEDORA-2015-39499d9af8
- FEDORA-2015-4ad4998d00
- FEDORA-2015-501493d853
- FEDORA-2015-5e52306c9c
- FEDORA-2015-8a1243db75
- FEDORA-2015-8c475f7169
- FEDORA-2015-97fc1797fa
- FEDORA-2015-ac8100927a
- FEDORA-2015-c80ec85542
- FEDORA-2015-ec2ddd15d7
- FEDORA-2016-43735c33a7
- FEDORA-2016-9a1c707b10
- FREEBSD:10F7BC76-0335-4A88-B391-0B05B3A8CE1C
- FREEBSD:1886E195-8B87-11E5-90E7-B499BAEBFEAF
- GLSA-201603-09
- GLSA-201603-14
- GLSA-201605-06
- GLSA-201610-08
- GLSA-201611-08
- GLSA-201701-46
- GLSA-201706-18
- GLSA-201801-15
- RHSA-2015:2594
- RHSA-2015:2595
- RHSA-2015:2596
- RHSA-2016:0007
- RHSA-2016:0008
- RHSA-2016:0012
- RHSA-2016:0049
- RHSA-2016:0050
- RHSA-2016:0053
- RHSA-2016:0054
- RHSA-2016:0067
- RHSA-2016:0098
- RHSA-2016:0099
- RHSA-2016:0101
- SSA:2015-337-01
- SSA:2015-349-02
- SUSE-SU-2015:2013-1
- SUSE-SU-2015:2017-1
- SUSE-SU-2015:2024-1
- SUSE-SU-2016:0027-1
- SUSE-SU-2016:0041-1
- SUSE-SU-2016:0050-1
- SUSE-SU-2016:0061-1
- SUSE-SU-2016:0149-1
- SUSE-SU-2016:0189-1
- SUSE-SU-2016:0256-1
- SUSE-SU-2016:0265-1
- SUSE-SU-2016:0269-1
- SUSE-SU-2016:0399-1
- SUSE-SU-2016:0401-1
- SUSE-SU-2016:0428-1
- SUSE-SU-2016:0431-1
- SUSE-SU-2016:0433-1
- SUSE-SU-2016:0584-1
- SUSE-SU-2016:0636-1
- SUSE-SU-2016:0770-1
- USN-2815-1
- USN-2861-1
- USN-2863-1
- USN-2864-1
- USN-2865-1
- USN-2866-1
- USN-2884-1
- USN-2885-1
- USN-2904-1
- USN-3227-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/java-1_8_0-ibm?arch=x86_64&distro=sles-12&sp=1 | suse | java-1_8_0-ibm | < 1.8.0_sr2.10-7.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/java-1_8_0-ibm?arch=s390x&distro=sles-12&sp=1 | suse | java-1_8_0-ibm | < 1.8.0_sr2.10-7.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/java-1_8_0-ibm?arch=ppc64le&distro=sles-12&sp=1 | suse | java-1_8_0-ibm | < 1.8.0_sr2.10-7.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/java-1_8_0-ibm-plugin?arch=x86_64&distro=sles-12&sp=1 | suse | java-1_8_0-ibm-plugin | < 1.8.0_sr2.10-7.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/java-1_8_0-ibm-alsa?arch=x86_64&distro=sles-12&sp=1 | suse | java-1_8_0-ibm-alsa | < 1.8.0_sr2.10-7.1 | sles-12 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |