SUSE-SU-2021:0665-1

Source
https://www.suse.com/support/update/announcement/2021/suse-su-20210665-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:0665-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2021:0665-1
Related
Published
2021-03-01T15:16:27Z
Modified
2021-03-01T15:16:27Z
Summary
Security update for java-1_8_0-openjdk
Details

This update for java-180-openjdk fixes the following issues:

  • Update to version jdk8u282 (icedtea 3.18.0)
    • January 2021 CPU (bsc#1181239)
    • Security fixes
      • JDK-8247619: Improve Direct Buffering of Characters (CVE-2020-14803)
    • Import of OpenJDK 8 u282 build 01
      • JDK-6962725: Regtest javax/swing/JFileChooser/6738668/ /bug6738668.java fails under Linux
      • JDK-8025936: Windows .pdb and .map files does not have proper dependencies setup
      • JDK-8030350: Enable additional compiler warnings for GCC
      • JDK-8031423: Test java/awt/dnd/DisposeFrameOnDragCrash/ /DisposeFrameOnDragTest.java fails by Timeout on Windows
      • JDK-8036122: Fix warning 'format not a string literal'
      • JDK-8051853: new URI('x/').resolve('..').getSchemeSpecificPart() returns null!
      • JDK-8132664: closed/javax/swing/DataTransfer/DefaultNoDrop/ /DefaultNoDrop.java locks on Windows
      • JDK-8134632: Mark javax/sound/midi/Devices/ /InitializationHang.java as headful
      • JDK-8148854: Class names 'SomeClass' and 'LSomeClass;' treated by JVM as an equivalent
      • JDK-8148916: Mark bug6400879.java as intermittently failing
      • JDK-8148983: Fix extra comma in changes for JDK-8148916
      • JDK-8160438: javax/swing/plaf/nimbus/8057791/bug8057791.java fails
      • JDK-8165808: Add release barriers when allocating objects with concurrent collection
      • JDK-8185003: JMX: Add a version of ThreadMXBean.dumpAllThreads with a maxDepth argument
      • JDK-8202076: test/jdk/java/io/File/WinSpecialFiles.java on windows with VS2017
      • JDK-8207766: [testbug] Adapt tests for Aix.
      • JDK-8212070: Introduce diagnostic flag to abort VM on failed JIT compilation
      • JDK-8213448: [TESTBUG] enhance jfr/jvm/TestDumpOnCrash
      • JDK-8215727: Restore JFR thread sampler loop to old / previous behavior
      • JDK-8220657: JFR.dump does not work when filename is set
      • JDK-8221342: [TESTBUG] Generate Dockerfile for docker testing
      • JDK-8224502: [TESTBUG] JDK docker test TestSystemMetrics.java fails with access issues and OOM
      • JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes() can be quicker for self thread
      • JDK-8231968: getCurrentThreadAllocatedBytes default implementation s/b getThreadAllocatedBytes
      • JDK-8232114: JVM crashed at imjpapi.dll in native code
      • JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect numbers for Compiler area
      • JDK-8234339: replace JLIStrTok in javamdsolinux.c
      • JDK-8238448: RSASSA-PSS signature verification fail when using certain odd key sizes
      • JDK-8242335: Additional Tests for RSASSA-PSS
      • JDK-8244225: stringop-overflow warning on strncpy call from compiletheworldin
      • JDK-8245400: Upgrade to LittleCMS 2.11
      • JDK-8248214: Add paddings for TaskQueueSuper to reduce false-sharing cache contention
      • JDK-8249176: Update GlobalSignR6CA test certificates
      • JDK-8250665: Wrong translation for the month name of May in arJO,LB,SY
      • JDK-8250928: JFR: Improve hash algorithm for stack traces
      • JDK-8251469: Better cleanup for test/jdk/javax/imageio/SetOutput.java
      • JDK-8251840: JavasunawtX11XToolkitgetDefaultScreenData should not be in make/mapfiles/libawtxawt/mapfile-vers
      • JDK-8252384: [TESTBUG] Some tests refer to COMPAT provider rather than JRE
      • JDK-8252395: [8u] --with-native-debug-symbols=external doesn't include debuginfo files for binaries
      • JDK-8252497: Incorrect numeric currency code for ROL
      • JDK-8252754: Hash code calculation of JfrStackTrace is inconsistent
      • JDK-8252904: VM crashes when JFR is used and JFR event class is transformed
      • JDK-8252975: [8u] JDK-8252395 breaks the build for --with-native-debug-symbols=internal
      • JDK-8253284: Zero OrderAccess barrier mappings are incorrect
      • JDK-8253550: [8u] JDK-8252395 breaks the build for make STRIPPOLICY=nostrip
      • JDK-8253752: test/sun/management/jmxremote/bootstrap/ /RmiBootstrapTest.java fails randomly
      • JDK-8254081: java/security/cert/PolicyNode/ /GetPolicyQualifiers.java fails due to an expired certificate
      • JDK-8254144: Non-x86 Zero builds fail with return-type warning in oslinuxzero.cpp
      • JDK-8254166: Zero: return-type warning in zeroInterpreterzero.cpp
      • JDK-8254683: [TEST_BUG] jdk/test/sun/tools/jconsole/ /WorkerDeadlockTest.java fails
      • JDK-8255003: Build failures on Solaris
References

Affected packages

SUSE:Linux Enterprise Module for Legacy 15 SP2 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15-LTSS / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP1-BCL / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP1-LTSS / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP1 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Manager Proxy 4.0 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Manager%20Proxy%204.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Manager Retail Branch Server 4.0 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Manager Server 4.0 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Manager%20Server%204.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}

SUSE:Enterprise Storage 6 / java-1_8_0-openjdk

Package

Name
java-1_8_0-openjdk
Purl
purl:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Enterprise%20Storage%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.282-3.48.1

Ecosystem specific

{
    "binaries": [
        {
            "java-1_8_0-openjdk-demo": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-devel": "1.8.0.282-3.48.1",
            "java-1_8_0-openjdk-headless": "1.8.0.282-3.48.1"
        }
    ]
}