openSUSE-SU-2019:2687-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:2687-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2019:2687-1
- Related
- Published
- 2019-12-15T15:11:34Z
- Modified
- 2019-12-15T15:11:34Z
- Summary
- Security update for java-1_8_0-openjdk
- Details
-
This update for java-180-openjdk (jdk8u232/icedtea 3.14.0) fixes the following issues:
Security issues fixed (bsc#1154212):
- CVE-2019-2933: Windows file handling redux
- CVE-2019-2945: Better socket support
- CVE-2019-2949: Better Kerberos ccache handling
- CVE-2019-2958: Build Better Processes
- CVE-2019-2964: Better support for patterns
- CVE-2019-2962: Better Glyph Images
- CVE-2019-2973: Better pattern compilation
- CVE-2019-2975: Unexpected exception in jjs
- CVE-2019-2978: Improved handling of jar files
- CVE-2019-2981: Better Path supports
- CVE-2019-2983: Better serial attributes
- CVE-2019-2987: Better rendering of native glyphs
- CVE-2019-2988: Better Graphics2D drawing
- CVE-2019-2989: Improve TLS connection support
- CVE-2019-2992: Enhance font glyph mapping
- CVE-2019-2999: Commentary on Javadoc comments
- CVE-2019-2894: Enhance ECDSA operations (bsc#1152856)
Bug fixes:
- Fixed build failuers on ARM (bsc#1138529).
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/I6ALR2AGAFL63Y6TKSBCMO2DIQNCCY5U/#I6ALR2AGAFL63Y6TKSBCMO2DIQNCCY5U
- https://bugzilla.suse.com/1138529
- https://bugzilla.suse.com/1152856
- https://bugzilla.suse.com/1154212
- https://www.suse.com/security/cve/CVE-2019-2894
- https://www.suse.com/security/cve/CVE-2019-2933
- https://www.suse.com/security/cve/CVE-2019-2945
- https://www.suse.com/security/cve/CVE-2019-2949
- https://www.suse.com/security/cve/CVE-2019-2958
- https://www.suse.com/security/cve/CVE-2019-2962
- https://www.suse.com/security/cve/CVE-2019-2964
- https://www.suse.com/security/cve/CVE-2019-2973
- https://www.suse.com/security/cve/CVE-2019-2975
- https://www.suse.com/security/cve/CVE-2019-2978
- https://www.suse.com/security/cve/CVE-2019-2981
- https://www.suse.com/security/cve/CVE-2019-2983
- https://www.suse.com/security/cve/CVE-2019-2987
- https://www.suse.com/security/cve/CVE-2019-2988
- https://www.suse.com/security/cve/CVE-2019-2989
- https://www.suse.com/security/cve/CVE-2019-2992
- https://www.suse.com/security/cve/CVE-2019-2999
Affected packages
openSUSE:Leap 15.1 / java-1_8_0-openjdk
Package
- Name
- java-1_8_0-openjdk
- Purl
- purl:rpm/suse/java-1_8_0-openjdk&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.8.0.232-lp151.2.6.1
Ecosystem specific
{
"binaries": [
{
"java-1_8_0-openjdk": "1.8.0.232-lp151.2.6.1",
"java-1_8_0-openjdk-devel": "1.8.0.232-lp151.2.6.1",
"java-1_8_0-openjdk-src": "1.8.0.232-lp151.2.6.1",
"java-1_8_0-openjdk-demo": "1.8.0.232-lp151.2.6.1",
"java-1_8_0-openjdk-javadoc": "1.8.0.232-lp151.2.6.1",
"java-1_8_0-openjdk-accessibility": "1.8.0.232-lp151.2.6.1",
"java-1_8_0-openjdk-headless": "1.8.0.232-lp151.2.6.1"
}
]
}