SUSE-SU-2018:0663-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2018/suse-su-20180663-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2018:0663-1

Upstream

CVE-2018-2579

CVE-2018-2582

CVE-2018-2588

CVE-2018-2599

CVE-2018-2602

CVE-2018-2603

CVE-2018-2618

CVE-2018-2629

CVE-2018-2633

CVE-2018-2634

CVE-2018-2637

CVE-2018-2641

CVE-2018-2663

CVE-2018-2677

CVE-2018-2678

Related

CVE-2018-2579
CVE-2018-2582
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2629
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2641
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678

Published

2018-03-12T12:18:36Z

Modified

2026-03-11T06:42:51.424148Z

Summary

Security update for java-1_8_0-openjdk

Details

This update for java-180-openjdk fixes the following issues:

Security issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366):

CVE-2018-2579: Improve key keying case
CVE-2018-2582: Better interface invocations
CVE-2018-2588: Improve LDAP logins
CVE-2018-2599: Improve reliability of DNS lookups
CVE-2018-2602: Improve usage messages
CVE-2018-2603: Improve PKCS usage
CVE-2018-2618: Stricter key generation
CVE-2018-2629: Improve GSS handling
CVE-2018-2633: Improve LDAP lookup robustness
CVE-2018-2634: Improve property negotiations
CVE-2018-2637: Improve JMX supportive features
CVE-2018-2641: Improve GTK initialization
CVE-2018-2663: More refactoring for deserialization cases
CVE-2018-2677: More refactoring for client deserialization cases
CVE-2018-2678: More refactoring for naming deserialization cases

References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP2

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Desktop 12 SP3

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server 12 SP1-LTSS

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server 12 SP2

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server 12 SP3

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server for SAP Applications 12 SP1

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server for SAP Applications 12 SP2

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:Linux Enterprise Server for SAP Applications 12 SP3

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"

SUSE:OpenStack Cloud 6

java-1_8_0-openjdk

Package

Name: java-1_8_0-openjdk
Purl: pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20OpenStack%20Cloud%206

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.0.161-27.13.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-devel": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-headless": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk-demo": "1.8.0.161-27.13.1",
            "java-1_8_0-openjdk": "1.8.0.161-27.13.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0663-1.json"