Security update for java-1_7_0-ibm
SUSE Security Update:
Security update for java-1_7_0-ibm
| Announcement ID: | SUSE-SU-2015:1073-1 |
| Rating: | important |
| References: | #912434 #912447 #930365 #931693 #931702 |
| Affected Products: |
An update that solves four vulnerabilities and has one errata is now available.
Description:
This update fixes the following security issues:
- Version bump to 7.1-3.0 release bnc#930365 CVE-2015-0192 CVE-2015-2808
CVE-2015-1914 CVE-2015-0138
- Fix removeing links before update-alternatives run. bnc#931702
- Fix bnc#912434, javaws/plugin stuff should slave plugin
update-alternatives
- Fix bnc#912447, use system cacerts
- Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265
CVE-2014-8892 CVE-2014-8891
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-270=1 - SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-270=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
- java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
- java-1_7_1-ibm-1.7.1_sr3.0-11.1
- java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1
- SUSE Linux Enterprise Server 12 (x86_64):
- java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1
- java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1
References:
- https://www.suse.com/security/cve/CVE-2015-0138.html
- https://www.suse.com/security/cve/CVE-2015-0192.html
- https://www.suse.com/security/cve/CVE-2015-1914.html
- https://www.suse.com/security/cve/CVE-2015-2808.html
- https://bugzilla.suse.com/912434
- https://bugzilla.suse.com/912447
- https://bugzilla.suse.com/930365
- https://bugzilla.suse.com/931693
- https://bugzilla.suse.com/931702