 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.4.2018.4064.1 |
| Category: | SuSE Local Security Checks |
| Title: | SUSE: Security Advisory (SUSE-SU-2018:4064-1) |
| Summary: | The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2018:4064-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2018:4064-1 advisory. Vulnerability Insight: java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 (bsc#1116574) * Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT - IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT - IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK'S CACERTS. - IJ10566 SUPPORT EBCDIC CODE PAGE IBM-274 - BELGIUM EBCDIC * Java Virtual Machine - IJ08730 APPLICATION SIGNAL HANDLER NOT INVOKED FOR SIGABRT - IJ10453 ASSERTION FAILURE AT CLASSPATHITEM.CPP - IJ09574 CLASSLOADER DEFINED THROUGH SYSTEM PROPERTY 'JAVA.SYSTEM.CLASS.LOADE R' IS NOT HONORED. - IJ10931 CVE-2018-3169 - IJ10618 GPU SORT: UNSPECIFIED LAUNCH FAILURE - IJ10619 INCORRECT ILLEGALARGUMENTEXCEPTION BECAUSE OBJECT IS NOT AN INSTANCE OF DECLARING CLASS ON REFLECTIVE INVOCATION - IJ10135 JVM HUNG IN GARBAGECOLLECTORMXBEAN.G ETLASTGCINFO() API - IJ10680 RECURRENT ABORTED SCAVENGE * ORB - IX90187 CLIENTREQUESTIMPL.REINVO KE FAILS WITH JAVA.LANG.INDEXOUTOFBOUN DSEXCEPTION * Reliability and Serviceability - IJ09600 DTFJ AND JDMPVIEW FAIL TO PARSE WIDE REGISTER VALUES * Security - IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY - IJ10310 ADD NULL CHECKING ON THE ENCRYPTION TYPES LIST TO CREDENTIALS.GETDEFAULTNA TIVECREDS() METHOD - IJ10491 AES/GCM CIPHER - AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( ) - IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE - IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER - INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS - IJ10136 IBMPKCS11IMPL - INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX - IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER - IJ08723 JAAS THROWS A 'ARRAY INDEX OUT OF RANGE' EXCEPTION - IJ08704 THE SECURITY PROPERTY 'JDK.CERTPATH.DISABLEDAL GORITHMS' IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS * z/OS Extensions - PH03889 ADD SUPPORT FOR TRY-WITH-RESOURCES TO COM.IBM.JZOS.ENQUEUE - PH03414 ROLLOVER FROM SYE TO SAE FOR ICSF REASON CODE 3059 - PH04008 ZERTJSSE - Z SYSTEMS ENCRYPTION READINESS TOOL (ZERT) NEW SUPPORT IN THE Z/OS JAVA SDK This includes the update to Java 8.0 Service Refresh 5 Fix Pack 22: * Java Virtual Machine - IJ09139 CUDA4J NOT AVAILABLE ON ALL PLATFORMS * JIT Compiler - IJ09089 CRASH DURING COMPILATION IN USEREGISTER ON X86-32 - IJ08655 FLOATING POINT ERROR (SIGFPE) IN ZJ9SYM1 OR ANY VM/JIT MODULE ON AN INSTRUCTION FOLLOWING A VECTOR INSTRUCTION - IJ08850 CRASH IN ARRAYLIST$ITR.NEXT() - IJ09601 JVM CRASHES ON A SIGBUS SIGNAL WHEN ACCESSING A DIRECTBYTEBUFFER * z/OS Extensions - PH02999 JZOS ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-1_8_0-ibm' package(s) on SUSE Linux Enterprise Server 12-SP1, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server for SAP Applications 12-SP2, SUSE Linux Enterprise Server for SAP Applications 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP4. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-13785 BugTraq ID: 105599 http://www.securityfocus.com/bid/105599 https://security.gentoo.org/glsa/201908-10 https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2 https://sourceforge.net/p/libpng/bugs/278/ RedHat Security Advisories: RHSA-2018:3000 https://access.redhat.com/errata/RHSA-2018:3000 RedHat Security Advisories: RHSA-2018:3001 https://access.redhat.com/errata/RHSA-2018:3001 RedHat Security Advisories: RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3002 RedHat Security Advisories: RHSA-2018:3003 https://access.redhat.com/errata/RHSA-2018:3003 RedHat Security Advisories: RHSA-2018:3007 https://access.redhat.com/errata/RHSA-2018:3007 RedHat Security Advisories: RHSA-2018:3008 https://access.redhat.com/errata/RHSA-2018:3008 RedHat Security Advisories: RHSA-2018:3533 https://access.redhat.com/errata/RHSA-2018:3533 RedHat Security Advisories: RHSA-2018:3534 https://access.redhat.com/errata/RHSA-2018:3534 RedHat Security Advisories: RHSA-2018:3671 https://access.redhat.com/errata/RHSA-2018:3671 RedHat Security Advisories: RHSA-2018:3672 https://access.redhat.com/errata/RHSA-2018:3672 RedHat Security Advisories: RHSA-2018:3779 https://access.redhat.com/errata/RHSA-2018:3779 RedHat Security Advisories: RHSA-2018:3852 https://access.redhat.com/errata/RHSA-2018:3852 http://www.securitytracker.com/id/1041889 https://usn.ubuntu.com/3712-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-3136 BugTraq ID: 105601 http://www.securityfocus.com/bid/105601 Debian Security Information: DSA-4326 (Google Search) https://www.debian.org/security/2018/dsa-4326 https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html RedHat Security Advisories: RHSA-2018:2942 https://access.redhat.com/errata/RHSA-2018:2942 RedHat Security Advisories: RHSA-2018:2943 https://access.redhat.com/errata/RHSA-2018:2943 RedHat Security Advisories: RHSA-2018:3350 https://access.redhat.com/errata/RHSA-2018:3350 RedHat Security Advisories: RHSA-2018:3409 https://access.redhat.com/errata/RHSA-2018:3409 RedHat Security Advisories: RHSA-2018:3521 https://access.redhat.com/errata/RHSA-2018:3521 https://usn.ubuntu.com/3804-1/ https://usn.ubuntu.com/3824-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-3139 BugTraq ID: 105602 http://www.securityfocus.com/bid/105602 Common Vulnerability Exposure (CVE) ID: CVE-2018-3149 BugTraq ID: 105608 http://www.securityfocus.com/bid/105608 Common Vulnerability Exposure (CVE) ID: CVE-2018-3169 BugTraq ID: 105587 http://www.securityfocus.com/bid/105587 Common Vulnerability Exposure (CVE) ID: CVE-2018-3180 BugTraq ID: 105617 http://www.securityfocus.com/bid/105617 Common Vulnerability Exposure (CVE) ID: CVE-2018-3183 BugTraq ID: 105622 http://www.securityfocus.com/bid/105622 Common Vulnerability Exposure (CVE) ID: CVE-2018-3214 BugTraq ID: 105615 http://www.securityfocus.com/bid/105615 |
| Copyright | Copyright (C) 2021 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |