You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa java

Sigurnosni nedostaci programskog paketa java

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

openSUSE Security Update: Security update for java-1_8_0-openj9
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1893-1
Rating: important
References: #1174157 #1177943
Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578
CVE-2020-14579 CVE-2020-14581 CVE-2020-14583
CVE-2020-14593 CVE-2020-14621 CVE-2020-14779
CVE-2020-14781 CVE-2020-14782 CVE-2020-14792
CVE-2020-14796 CVE-2020-14797 CVE-2020-14798
CVE-2020-14803
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes 16 vulnerabilities is now available.

Description:

This update for java-1_8_0-openj9 fixes the following issues:

-OpenJDK was updated to 8u2732 build 10 with OpenJ9 0.23.0 virtual machine
-includes Oracle July 2020 (bsc#1174157) and October 2020 CPU
(bsc#1177943)
– CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579,
CVE-2020-14581, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621,
CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792,
CVE-2020-14796, CVE-2020-14797, CVE-2020-14798 and CVE-2020-14803

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1893=1

Package List:

– openSUSE Leap 15.2 (x86_64):

java-1_8_0-openj9-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-accessibility-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-debuginfo-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-debugsource-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-demo-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-demo-debuginfo-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-devel-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-headless-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-src-1.8.0.272-lp152.3.3.1

– openSUSE Leap 15.2 (noarch):

java-1_8_0-openj9-javadoc-1.8.0.272-lp152.3.3.1

References:

https://protect2.fireeye.com/v1/url?k=bb744f89-e4e85597-bb73d245-000babd90757-cc33570c0b8c9a6f&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14556.html
https://protect2.fireeye.com/v1/url?k=bb358054-e4a99a4a-bb321d98-000babd90757-2e42670e2fc90e5f&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14577.html
https://protect2.fireeye.com/v1/url?k=2a6e79e2-75f263fc-2a69e42e-000babd90757-087cbf8443643d8d&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14578.html
https://protect2.fireeye.com/v1/url?k=d5a12bf0-8a3d31ee-d5a6b63c-000babd90757-d3b2e42317f7acdc&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14579.html
https://protect2.fireeye.com/v1/url?k=b07fdaea-efe3c0f4-b0784726-000babd90757-66123b0732b1466d&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14581.html
https://protect2.fireeye.com/v1/url?k=77e1389d-287d2283-77e6a551-000babd90757-1f4d254ec4d32584&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14583.html
https://protect2.fireeye.com/v1/url?k=a587363e-fa1b2c20-a580abf2-000babd90757-06cec8f90376b582&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14593.html
https://protect2.fireeye.com/v1/url?k=40c539e7-1f5923f9-40c2a42b-000babd90757-ca9c0cb8b31be86c&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14621.html
https://protect2.fireeye.com/v1/url?k=1de666f2-427a7cec-1de1fb3e-000babd90757-7ce455626b308e83&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14779.html
https://protect2.fireeye.com/v1/url?k=1e02c3d4-419ed9ca-1e055e18-000babd90757-833cc040503ec0ce&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14781.html
https://protect2.fireeye.com/v1/url?k=ccddff70-9341e56e-ccda62bc-000babd90757-06b5aa6e3d6232c9&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14782.html
https://protect2.fireeye.com/v1/url?k=6fa70a3a-303b1024-6fa097f6-000babd90757-de1a9e0bb5d92238&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14792.html
https://protect2.fireeye.com/v1/url?k=fdd50e28-a2491436-fdd293e4-000babd90757-3886e467921d4f85&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14796.html
https://protect2.fireeye.com/v1/url?k=506a8df0-0ff697ee-506d103c-000babd90757-73029672dd99e9c5&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14797.html
https://protect2.fireeye.com/v1/url?k=c2d50e09-9d491417-c2d293c5-000babd90757-ab4f58b4b039fdf8&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14798.html
https://protect2.fireeye.com/v1/url?k=f24562d4-add978ca-f242ff18-000babd90757-5438b05a1ccff7cb&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14803.html
https://protect2.fireeye.com/v1/url?k=a354ff0d-fcc8e513-a35362c1-000babd90757-f49b0114327c6ec1&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fbugzilla.suse.com%2F1174157
https://protect2.fireeye.com/v1/url?k=5d5ef480-02c2ee9e-5d59694c-000babd90757-c8ea335e98da213a&q=1&e=069821c2-e2a0-4d32-b11e-96d36e072958&u=https%3A%2F%2Fbugzilla.suse.com%2F1177943


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

AutorBruno Varga
Cert idNCERT-REF-2020-11-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa tmux

Otkriven je sigurnosni nedostatak u programskom paketu tmux za operacijski sustav Gentoo. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja...

Close