openSUSE Security Update: Security update for java-1_8_0-openj9 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1893-1 Rating: important References: #1174157 #1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes 16 vulnerabilities is now available. Description: This update for java-1_8_0-openj9 fixes the following issues: -OpenJDK was updated to 8u2732 build 10 with OpenJ9 0.23.0 virtual machine -includes Oracle July 2020 (bsc#1174157) and October 2020 CPU (bsc#1177943) - CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14581, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621, CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798 and CVE-2020-14803 This update was imported from the SUSE:SLE-15-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1893=1 Package List: - openSUSE Leap 15.2 (x86_64): java-1_8_0-openj9-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-accessibility-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-debuginfo-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-debugsource-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-demo-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-demo-debuginfo-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-devel-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-headless-1.8.0.272-lp152.3.3.1 java-1_8_0-openj9-src-1.8.0.272-lp152.3.3.1 - openSUSE Leap 15.2 (noarch): java-1_8_0-openj9-javadoc-1.8.0.272-lp152.3.3.1 References: https://www.suse.com/security/cve/CVE-2020-14556.html https://www.suse.com/security/cve/CVE-2020-14577.html https://www.suse.com/security/cve/CVE-2020-14578.html https://www.suse.com/security/cve/CVE-2020-14579.html https://www.suse.com/security/cve/CVE-2020-14581.html https://www.suse.com/security/cve/CVE-2020-14583.html https://www.suse.com/security/cve/CVE-2020-14593.html https://www.suse.com/security/cve/CVE-2020-14621.html https://www.suse.com/security/cve/CVE-2020-14779.html https://www.suse.com/security/cve/CVE-2020-14781.html https://www.suse.com/security/cve/CVE-2020-14782.html https://www.suse.com/security/cve/CVE-2020-14792.html https://www.suse.com/security/cve/CVE-2020-14796.html https://www.suse.com/security/cve/CVE-2020-14797.html https://www.suse.com/security/cve/CVE-2020-14798.html https://www.suse.com/security/cve/CVE-2020-14803.html https://bugzilla.suse.com/1174157 https://bugzilla.suse.com/1177943