SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2021:0019-1)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.4.2021.0019.1

Categoría: SuSE Local Security Checks

Título: SUSE: Security Advisory (SUSE-SU-2021:0019-1)

Resumen: The remote host is missing an update for the 'java-1_7_1-ibm' package(s) announced via the SUSE-SU-2021:0019-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'java-1_7_1-ibm' package(s) announced via the SUSE-SU-2021:0019-1 advisory.

Vulnerability Insight:
This update for java-1_7_1-ibm fixes the following issues:

Update to Java 7.1 Service Refresh 4 Fix Pack 75 [bsc#1180063,
bsc#1177943] CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781
CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803
* Class Libraries:
- Z/OS specific C function send_file is changing the file pointer
position
* Security:
- Add the new oracle signer certificate
- Certificate parsing error
- JVM memory growth can be caused by the IBMPKCS11IMPL crypto provider
- Remove check for websphere signed jars
- sessionid.hashcode generates too many collisions
- The Java 8 IBM certpath provider does not honor the user specified
system property for CLR connect timeout

Affected Software/OS:
'java-1_7_1-ibm' package(s) on HPE Helion Openstack 8, SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9.

Solution:
Please install the updated package(s).

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-14779
Common Vulnerability Exposure (CVE) ID: CVE-2020-14781
Common Vulnerability Exposure (CVE) ID: CVE-2020-14782
Common Vulnerability Exposure (CVE) ID: CVE-2020-14792
Common Vulnerability Exposure (CVE) ID: CVE-2020-14796
Common Vulnerability Exposure (CVE) ID: CVE-2020-14797
Common Vulnerability Exposure (CVE) ID: CVE-2020-14798
Common Vulnerability Exposure (CVE) ID: CVE-2020-14803

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.4.2021.0019.1
Categoría:	SuSE Local Security Checks
Título:	SUSE: Security Advisory (SUSE-SU-2021:0019-1)
Resumen:	The remote host is missing an update for the 'java-1_7_1-ibm' package(s) announced via the SUSE-SU-2021:0019-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'java-1_7_1-ibm' package(s) announced via the SUSE-SU-2021:0019-1 advisory. Vulnerability Insight: This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 75 [bsc#1180063, bsc#1177943] CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 * Class Libraries: - Z/OS specific C function send_file is changing the file pointer position * Security: - Add the new oracle signer certificate - Certificate parsing error - JVM memory growth can be caused by the IBMPKCS11IMPL crypto provider - Remove check for websphere signed jars - sessionid.hashcode generates too many collisions - The Java 8 IBM certpath provider does not honor the user specified system property for CLR connect timeout Affected Software/OS: 'java-1_7_1-ibm' package(s) on HPE Helion Openstack 8, SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-14779 Common Vulnerability Exposure (CVE) ID: CVE-2020-14781 Common Vulnerability Exposure (CVE) ID: CVE-2020-14782 Common Vulnerability Exposure (CVE) ID: CVE-2020-14792 Common Vulnerability Exposure (CVE) ID: CVE-2020-14796 Common Vulnerability Exposure (CVE) ID: CVE-2020-14797 Common Vulnerability Exposure (CVE) ID: CVE-2020-14798 Common Vulnerability Exposure (CVE) ID: CVE-2020-14803
Copyright	Copyright (C) 2021 Greenbone Networks GmbH