openSUSE Security Update: update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0964-1 Rating: moderate References: #816720 Cross-References: CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 Affected Products: openSUSE 12.3 ______________________________________________________________________________ An update that fixes 21 vulnerabilities is now available. Description: - update to icedtea-2.3.9 (bnc#816720) * Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework RMI model - S8001322: Refactor deserialization - S8001329, CVE-2013-1557: Augment RMI logging - S8003335: Better handling of Finalizer thread - S8003445: Adjust JAX-WS to focus on API - S8003543, CVE-2013-2415: Improve processing of MTOM attachments - S8004261: Improve input validation - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames - S8004986, CVE-2013-2383: Better handling of glyph table - S8004987, CVE-2013-2384: Improve font layout - S8004994, CVE-2013-1569: Improve checking of glyph table - S8005432: Update access to JAX-WS - S8005943: (process) Improved Runtime.exec - S8006309: More reliable control panel operation - S8006435, CVE-2013-2424: Improvements in JMX - S8006790: Improve checking for windows - S8006795: Improve font warning messages - S8007406: Improve accessibility of AccessBridge - S8007617, CVE-2013-2420: Better validation of images - S8007667, CVE-2013-2430: Better image reading - S8007918, CVE-2013-2429: Better image writing - S8008140: Better method handle resolution - S8009049, CVE-2013-2436: Better method handle binding - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap - S8009305, CVE-2013-0401: Improve AWT data transfer - S8009677, CVE-2013-2423: Better setting of setters - S8009699, CVE-2013-2421: Methodhandle lookup - S8009814, CVE-2013-1488: Better driver management - S8009857, CVE-2013-2422: Problem with plugin * Backports - S7130662, RH928500: GTK file dialog crashes with a NPE * Bug fixes - PR1363: Fedora 19 / rawhide FTBFS SIGILL - PR1401: Fix Zero build on 2.3.8 - Fix offset problem in ICU LETableReference. - Change -Werror fix to preserve OpenJDK default. - PR1303: Correct #ifdef to #if - PR1404: Failure to bootstrap with ecj 4.2 - Added url as source. Please see http://en.opensuse.org/SourceUrls - icedtea-2.3.8-zero-patches.patch: remove patch not applicable to zero compatible hotspot - java-1.7.0-openjdk-fork.patch: Add support for architectures without fork syscall - java-1.7.0-openjdk-aarch64.patch: Add support for aarch64 Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.3: zypper in -t patch openSUSE-2013-426 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.3 (i586 x86_64): java-1_7_0-openjdk-1.7.0.6-8.14.5 java-1_7_0-openjdk-debuginfo-1.7.0.6-8.14.5 java-1_7_0-openjdk-debugsource-1.7.0.6-8.14.5 java-1_7_0-openjdk-demo-1.7.0.6-8.14.5 java-1_7_0-openjdk-demo-debuginfo-1.7.0.6-8.14.5 java-1_7_0-openjdk-devel-1.7.0.6-8.14.5 java-1_7_0-openjdk-devel-debuginfo-1.7.0.6-8.14.5 java-1_7_0-openjdk-javadoc-1.7.0.6-8.14.5 java-1_7_0-openjdk-src-1.7.0.6-8.14.5 References: http://support.novell.com/security/cve/CVE-2013-0401.html http://support.novell.com/security/cve/CVE-2013-1488.html http://support.novell.com/security/cve/CVE-2013-1518.html http://support.novell.com/security/cve/CVE-2013-1537.html http://support.novell.com/security/cve/CVE-2013-1557.html http://support.novell.com/security/cve/CVE-2013-1569.html http://support.novell.com/security/cve/CVE-2013-2383.html http://support.novell.com/security/cve/CVE-2013-2384.html http://support.novell.com/security/cve/CVE-2013-2415.html http://support.novell.com/security/cve/CVE-2013-2417.html http://support.novell.com/security/cve/CVE-2013-2419.html http://support.novell.com/security/cve/CVE-2013-2420.html http://support.novell.com/security/cve/CVE-2013-2421.html http://support.novell.com/security/cve/CVE-2013-2422.html http://support.novell.com/security/cve/CVE-2013-2423.html http://support.novell.com/security/cve/CVE-2013-2424.html http://support.novell.com/security/cve/CVE-2013-2426.html http://support.novell.com/security/cve/CVE-2013-2429.html http://support.novell.com/security/cve/CVE-2013-2430.html http://support.novell.com/security/cve/CVE-2013-2431.html http://support.novell.com/security/cve/CVE-2013-2436.html https://bugzilla.novell.com/816720