SUSE-SU-2020:3932-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203932-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3932-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3932-1
Related
Published
2020-12-23T17:22:34Z
Modified
2020-12-23T17:22:34Z
Summary
Security update for java-1_8_0-ibm
Details

This update for java-180-ibm fixes the following issues:

  • Update to Java 8.0 Service Refresh 6 Fix Pack 20 [bsc#1180063,bsc#1177943] CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803

    • Class libraries:
      • SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is blocking for more time that the set timeout
      • Z/OS specific C function send_file is changing the file pointer position
    • Java Virtual Machine:
      • Crash on iterate java stack
      • Java process hang on SIGTERM
    • JIT Compiler:

      • JMS performance regression from JDK8 SR5 FP40 TO FP41
    • Class Libraries:

      • z15 high utilization following Z/VM and Linux migration from z14 To z15
    • Java Virtual Machine:
      • Assertion failed when trying to write a class file
      • Assertion failure at modronapi.cpp
      • Improve the performance of defining and finding classes
    • JIT Compiler:
      • An assert in ppcbinaryencoding.cpp may trigger when running with traps disabled on power
      • AOT field offset off by n bytes
      • Segmentation fault in jit module on ibm z platform
References

Affected packages

SUSE:Linux Enterprise Module for Legacy 15 SP1 / java-1_8_0-ibm

Package

Name
java-1_8_0-ibm
Purl
purl:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0_sr6.20-3.47.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-ibm-alsa": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-plugin": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-devel": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm": "1.8.0_sr6.20-3.47.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Legacy 15 SP2 / java-1_8_0-ibm

Package

Name
java-1_8_0-ibm
Purl
purl:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0_sr6.20-3.47.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-ibm-alsa": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-plugin": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-devel": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm": "1.8.0_sr6.20-3.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15-LTSS / java-1_8_0-ibm

Package

Name
java-1_8_0-ibm
Purl
purl:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0_sr6.20-3.47.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-ibm-alsa": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-plugin": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-devel": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm": "1.8.0_sr6.20-3.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 / java-1_8_0-ibm

Package

Name
java-1_8_0-ibm
Purl
purl:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0_sr6.20-3.47.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-ibm-alsa": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-plugin": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm-devel": "1.8.0_sr6.20-3.47.1",
            "java-1_8_0-ibm": "1.8.0_sr6.20-3.47.1"
        }
    ]
}