SUSE Security Update: Security update for openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0961-1 Rating: important References: #887530 Cross-References: CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4247 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 CVE-2014-4268 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 20 vulnerabilities is now available. It includes one version update. Description: This Critical Patch Update contains 20 new security fixes for Oracle Java SE. All of these vulnerabilities could have been remotely exploitable without authentication, i.e., could be exploited over a network without the need for a username and password. Security Issues: * CVE-2014-4227 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227> * CVE-2014-4219 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219> * CVE-2014-2490 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490> * CVE-2014-4216 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216> * CVE-2014-4247 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247> * CVE-2014-2483 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483> * CVE-2014-4223 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223> * CVE-2014-4262 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262> * CVE-2014-4209 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209> * CVE-2014-4265 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4265> * CVE-2014-4220 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220> * CVE-2014-4218 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218> * CVE-2014-4252 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252> * CVE-2014-4266 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266> * CVE-2014-4268 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268> * CVE-2014-4264 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264> * CVE-2014-4221 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221> * CVE-2014-4244 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244> * CVE-2014-4263 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263> * CVE-2014-4208 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208> Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-9543 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.65]: java-1_7_0-openjdk-1.7.0.65-0.7.4 java-1_7_0-openjdk-demo-1.7.0.65-0.7.4 java-1_7_0-openjdk-devel-1.7.0.65-0.7.4 References: http://support.novell.com/security/cve/CVE-2014-2483.html http://support.novell.com/security/cve/CVE-2014-2490.html http://support.novell.com/security/cve/CVE-2014-4208.html http://support.novell.com/security/cve/CVE-2014-4209.html http://support.novell.com/security/cve/CVE-2014-4216.html http://support.novell.com/security/cve/CVE-2014-4218.html http://support.novell.com/security/cve/CVE-2014-4219.html http://support.novell.com/security/cve/CVE-2014-4220.html http://support.novell.com/security/cve/CVE-2014-4221.html http://support.novell.com/security/cve/CVE-2014-4223.html http://support.novell.com/security/cve/CVE-2014-4227.html http://support.novell.com/security/cve/CVE-2014-4244.html http://support.novell.com/security/cve/CVE-2014-4247.html http://support.novell.com/security/cve/CVE-2014-4252.html http://support.novell.com/security/cve/CVE-2014-4262.html http://support.novell.com/security/cve/CVE-2014-4263.html http://support.novell.com/security/cve/CVE-2014-4264.html http://support.novell.com/security/cve/CVE-2014-4265.html http://support.novell.com/security/cve/CVE-2014-4266.html http://support.novell.com/security/cve/CVE-2014-4268.html https://bugzilla.novell.com/887530 http://download.suse.com/patch/finder/?keywords=74138caa13d284bb5cbd73e4f768... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org