You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa openjdk

Sigurnosni nedostaci programskog paketa openjdk

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

SUSE Security Update: Security update for openjdk
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0961-1
Rating: important
References: #887530
Cross-References: CVE-2014-2483 CVE-2014-2490 CVE-2014-4208
CVE-2014-4209 CVE-2014-4216 CVE-2014-4218
CVE-2014-4219 CVE-2014-4220 CVE-2014-4221
CVE-2014-4223 CVE-2014-4227 CVE-2014-4244
CVE-2014-4247 CVE-2014-4252 CVE-2014-4262
CVE-2014-4263 CVE-2014-4264 CVE-2014-4265
CVE-2014-4266 CVE-2014-4268
Affected Products:
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.
It includes one version update.

Description:

This Critical Patch Update contains 20 new security fixes for Oracle Java
SE. All of these vulnerabilities could have been remotely exploitable
without authentication, i.e., could be exploited over a network without
the need for a username and password.

Security Issues:

* CVE-2014-4227
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227>
* CVE-2014-4219
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219>
* CVE-2014-2490
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490>
* CVE-2014-4216
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216>
* CVE-2014-4247
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247>
* CVE-2014-2483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483>
* CVE-2014-4223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223>
* CVE-2014-4262
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262>
* CVE-2014-4209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209>
* CVE-2014-4265
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4265>
* CVE-2014-4220
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220>
* CVE-2014-4218
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218>
* CVE-2014-4252
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252>
* CVE-2014-4266
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266>
* CVE-2014-4268
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268>
* CVE-2014-4264
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264>
* CVE-2014-4221
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221>
* CVE-2014-4244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244>
* CVE-2014-4263
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263>
* CVE-2014-4208
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208>

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Desktop 11 SP3:

zypper in -t patch sledsp3-java-1_7_0-openjdk-9543

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.65]:

java-1_7_0-openjdk-1.7.0.65-0.7.4
java-1_7_0-openjdk-demo-1.7.0.65-0.7.4
java-1_7_0-openjdk-devel-1.7.0.65-0.7.4

References:

http://support.novell.com/security/cve/CVE-2014-2483.html
http://support.novell.com/security/cve/CVE-2014-2490.html
http://support.novell.com/security/cve/CVE-2014-4208.html
http://support.novell.com/security/cve/CVE-2014-4209.html
http://support.novell.com/security/cve/CVE-2014-4216.html
http://support.novell.com/security/cve/CVE-2014-4218.html
http://support.novell.com/security/cve/CVE-2014-4219.html
http://support.novell.com/security/cve/CVE-2014-4220.html
http://support.novell.com/security/cve/CVE-2014-4221.html
http://support.novell.com/security/cve/CVE-2014-4223.html
http://support.novell.com/security/cve/CVE-2014-4227.html
http://support.novell.com/security/cve/CVE-2014-4244.html
http://support.novell.com/security/cve/CVE-2014-4247.html
http://support.novell.com/security/cve/CVE-2014-4252.html
http://support.novell.com/security/cve/CVE-2014-4262.html
http://support.novell.com/security/cve/CVE-2014-4263.html
http://support.novell.com/security/cve/CVE-2014-4264.html
http://support.novell.com/security/cve/CVE-2014-4265.html
http://support.novell.com/security/cve/CVE-2014-4266.html
http://support.novell.com/security/cve/CVE-2014-4268.html
https://bugzilla.novell.com/887530
http://download.suse.com/patch/finder/?keywords=74138caa13d284bb5cbd73e4f768e2e8


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

AutorMarijo Plepelic
Cert idNCERT-REF-2014-08-0013-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa Zend Framework

Otkriven je sigurnosni nedostatak u programskom paketu Zend Framework. Otkriveni nedostatak potencijalnim napadačima omogućuje umetanje proizvoljnih SQL naredbi. Svim korisnicima...

Close