 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.851438 |
| Category: | SuSE Local Security Checks |
| Title: | openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2016:2985-1) |
| Summary: | The remote host is missing an update for the 'java-1_8_0-openjdk'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'java-1_8_0-openjdk' package(s) announced via the referenced advisory. Vulnerability Insight: OpenJDK Java was updated to jdk8u111 (icedtea 3.2.0) to fix the following issues: * Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522) + S8156794: Extend data sharing + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (bsc#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (bsc#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (bsc#1005527) + S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528) + PR3206, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (bsc#1005524) * New features + PR1370: Provide option to build without debugging + PR1375: Provide option to strip and link debugging info after build + PR1537: Handle alternative Kerberos credential cache locations + PR1978: Allow use of system PCSC + PR2445: Support system libsctp + PR3182: Support building without pre-compiled headers + PR3183: Support Fedora/RHEL system crypto policy + PR3221: Use pkgconfig to detect Kerberos CFLAGS and libraries * Import of OpenJDK 8 u102 build 14 + S4515292: ReferenceType.isStatic() returns true for arrays + S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command + S6976636: JVM/TI test ex03t001 fails assertion + S7185591: jcmd-big-script.sh ERROR: could not find app's Java pid. + S8017462: G1: guarantee fails with UseDynamicNumberOfGCThreads + S8034168: ThreadMXBean/Locks.java failed, blocked on wrong object + S8036006: [TESTBUG] sun/tools/native2ascii/NativeErrors.java fails: Process exit code was 0, but error was expected. + S8041781: Need new regression tests for PBE keys + S8041787: Need new regressions tests for buffer handling for PBE algorithms + S8043836: Need new tests for AES cipher + S8044199: Tests for RSA keys and key specifications + S8044772: ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: java-1_8_0-openjdk on openSUSE Leap 42.1 Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-5542 BugTraq ID: 93643 http://www.securityfocus.com/bid/93643 Debian Security Information: DSA-3707 (Google Search) http://www.debian.org/security/2016/dsa-3707 https://security.gentoo.org/glsa/201611-04 https://security.gentoo.org/glsa/201701-43 RedHat Security Advisories: RHSA-2016:2079 http://rhn.redhat.com/errata/RHSA-2016-2079.html RedHat Security Advisories: RHSA-2016:2088 http://rhn.redhat.com/errata/RHSA-2016-2088.html RedHat Security Advisories: RHSA-2016:2089 http://rhn.redhat.com/errata/RHSA-2016-2089.html RedHat Security Advisories: RHSA-2016:2090 http://rhn.redhat.com/errata/RHSA-2016-2090.html RedHat Security Advisories: RHSA-2016:2136 http://rhn.redhat.com/errata/RHSA-2016-2136.html RedHat Security Advisories: RHSA-2016:2137 http://rhn.redhat.com/errata/RHSA-2016-2137.html RedHat Security Advisories: RHSA-2016:2138 http://rhn.redhat.com/errata/RHSA-2016-2138.html RedHat Security Advisories: RHSA-2016:2658 http://rhn.redhat.com/errata/RHSA-2016-2658.html RedHat Security Advisories: RHSA-2016:2659 http://rhn.redhat.com/errata/RHSA-2016-2659.html RedHat Security Advisories: RHSA-2017:0061 http://rhn.redhat.com/errata/RHSA-2017-0061.html RedHat Security Advisories: RHSA-2017:1216 https://access.redhat.com/errata/RHSA-2017:1216 http://www.securitytracker.com/id/1037040 http://www.ubuntu.com/usn/USN-3130-1 http://www.ubuntu.com/usn/USN-3154-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5554 BugTraq ID: 93637 http://www.securityfocus.com/bid/93637 Common Vulnerability Exposure (CVE) ID: CVE-2016-5556 BugTraq ID: 93618 http://www.securityfocus.com/bid/93618 https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2016-5568 BugTraq ID: 93621 http://www.securityfocus.com/bid/93621 Common Vulnerability Exposure (CVE) ID: CVE-2016-5573 BugTraq ID: 93628 http://www.securityfocus.com/bid/93628 Common Vulnerability Exposure (CVE) ID: CVE-2016-5582 BugTraq ID: 93623 http://www.securityfocus.com/bid/93623 Common Vulnerability Exposure (CVE) ID: CVE-2016-5597 BugTraq ID: 93636 http://www.securityfocus.com/bid/93636 |
| Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |