Mailinglist Archive: opensuse-updates (119 mails)

< Previous Next >
openSUSE-SU-2013:0377-1: critical: java-1_7_0-openjdk: update to 2.3.6
openSUSE Security Update: java-1_7_0-openjdk: update to 2.3.6

Announcement ID: openSUSE-SU-2013:0377-1
Rating: critical
References: #803379
Cross-References: CVE-2013-0424 CVE-2013-0425 CVE-2013-0426
CVE-2013-0427 CVE-2013-0428 CVE-2013-0429
CVE-2013-0431 CVE-2013-0432 CVE-2013-0433
CVE-2013-0434 CVE-2013-0435 CVE-2013-0440
CVE-2013-0441 CVE-2013-0442 CVE-2013-0443
CVE-2013-0444 CVE-2013-0450 CVE-2013-1475
CVE-2013-1476 CVE-2013-1478 CVE-2013-1480

Affected Products:
openSUSE 12.2

An update that fixes 21 vulnerabilities is now available.


java-1_7_0-openjdk was updated to icedtea-2.3.6
(bnc#803379) containing various security and bugfixes:

* Security fixes
- S6563318, CVE-2013-0424: RMI data sanitization
- S6664509, CVE-2013-0425: Add logging context
- S6664528, CVE-2013-0426: Find log level matching its
name or value given at construction time
- S6776941: CVE-2013-0427: Improve thread pool shutdown
- S7141694, CVE-2013-0429: Improving CORBA internals
- S7173145: Improve in-memory representation of
- S7186945: Unpack200 improvement
- S7186946: Refine unpacker resource usage
- S7186948: Improve Swing data validation
- S7186952, CVE-2013-0432: Improve clipboard access
- S7186954: Improve connection performance
- S7186957: Improve Pack200 data validation
- S7192392, CVE-2013-0443: Better validation of client
- S7192393, CVE-2013-0440: Better Checking of order of
TLS Messages
- S7192977, CVE-2013-0442: Issue in toolkit thread
- S7197546, CVE-2013-0428: (proxy) Reflect about creating
reflective proxies
- S7200491: Tighten up JTable layout code
- S7200493, CVE-2013-0444: Improve cache handling
- S7200499: Better data validation for options
- S7200500: Launcher better input validation
- S7201064: Better dialogue checking
- S7201066, CVE-2013-0441: Change modifiers on unused
- S7201068, CVE-2013-0435: Better handling of UI elements
- S7201070: Serialization to conform to protocol
- S7201071, CVE-2013-0433: InetSocketAddress
serialization issue
- S8000210: Improve JarFile code quality
- S8000537, CVE-2013-0450: Contextualize
RequiredModelMBean class
- S8000539, CVE-2013-0431: Introspect JMX data handling
- S8000540, CVE-2013-1475: Improve IIOP type reuse
- S8000631, CVE-2013-1476: Restrict access to class
- S8001235, CVE-2013-0434: Improve JAXP HTTP handling
- S8001242: Improve RMI HTTP conformance
- S8001307: Modify ACC_SUPER behavior
- S8001972, CVE-2013-1478: Improve image processing
- S8002325, CVE-2013-1480: Improve management of images
* Backports
- S7057320:
failing intermittently
- S7083664: TEST_BUG: test hard code of using c:/temp but
this dir might not exist
- S7107613: scalability blocker in
- S7107616: scalability blocker in
- S7146424: Wildcard expansion for single entry classpath
- S7160609: [macosx] JDK crash in libjvm.dylib ( C
[GeForceGLDriver+0x675a] gldAttachDrawable+0x941)
- S7160951: [macosx] ActionListener called twice for
JMenuItem using ScreenMenuBar
- S7162488: VM not printing unknown -XX options
- S7169395: Exception throws due to the changes in JDK 7
object tranversal and break backward compatibility
- S7175616: Port fix for TimeZone from JDK 8 to JDK 7
- S7176485: (bf) Allow temporary buffer cache to grow to
- S7179908: Fork hs23.3 hsx from hs22.2 for jdk7u7 and
reinitialize build number
- S7184326: TEST_BUG:
java/awt/Frame/7024749/ has a typo
- S7185245: Licensee source bundle tries to compile JFR
- S7185471: Avoid key expansion when AES cipher is
re-init w/ the same key
- S7186371: [macosx] Main menu shortcuts not displayed
(7u6 regression)
- S7187834: [macosx] Usage of private API in macosx 2d
implementation causes Apple Store rejection
- S7188114: (launcher) need an alternate command line
parser for Windows
- S7189136: Fork hs23.5 hsx from hs23.4 for jdk7u9 and
reinitialize build number
- S7189350: Fix failed for CR 7162144
- S7190550: REGRESSION: Some closed/com/oracle/jfr/api
tests fail to compile becuse of fix 7185245
- S7193219: JComboBox serialization fails in JDK 1.7
- S7193977: REGRESSION:Java 7's JavaBeans persistence
ignoring the "transient" flag on properties
- S7195106: REGRESSION : There is no way to get Icon inf,
once Softreference is released
- S7195301: XML Signature DOM implementation should not
use instanceof to determine type of Node
- S7195931: UnsatisfiedLinkError on
PKCS11.C_GetOperationState while using NSS from jre7u6+
- S7197071: Makefiles for various security providers
aren't including the default manifest.
- S7197652: Impossible to run any signed JNLP
applications or applets, OCSP off by default
- S7198146: Another new regression test does not compile
on windows-amd64
- S7198570: (tz) Support tzdata2012f
- S7198640: new hotspot build - hs23.6-b04
- S7199488: [TEST] runtime/7158800/ failed
due to false-positive on PID match.
- S7199645: Increment build # of hs23.5 to b02
- S7199669: Update tags in .hgtags file for CPU release
- S7200720: crash in net.dll during NTLM authentication
- S7200742: (se) does not block when
starting Coherence (sol11u1)
- S7200762: [macosx] Stuck in
- S8000285: Deadlock between PostEventQueue.noEvents,
EventQueue.isDispatchThread and
- S8000286: [macosx] Views keep scrolling back to the
drag position after DnD
- S8000297: REGRESSION:
- S8000307: Jre7cert: focusgained does not get called for
all focus req when do alt + tab
- S8000822: Fork hs23.7 hsx from hs23.6 for jdk7u11 and
reinitialize build number
- S8001124: jdk7u ProblemList.txt updates (10/2012)
- S8001242: Improve RMI HTTP conformance
- S8001808: Create a test for 8000327
- S8001876: Create regtest for 8000283
- S8002068: Build broken: corba code changes unable to
use new JDK 7 classes
- S8002091: tools/launcher/ test started to
fail since 7u11 b01 on Windows
- S8002114: fix failed for JDK-7160951: [macosx]
ActionListener called twice for JMenuItem using
- S8002225: (tz) Support tzdata2012i
- S8003402: (dc)
failing after 7u11 cleanup issues
- S8003403: Test ShortRSAKeyWithinTLS and
ClientJSSEServerJSSE failing after 7u11 cleanup
- S8003948: NTLM/Negotiate authentication problem
- S8004175: Restricted packages added in
are missing in{macosx, solaris, windows}
- S8004302: javax/xml/soap/ fails since
- S8004341: Two JCK tests fails with 7u11 b06
- S8005615: Java Logger fails to load tomcat logger
implementation (JULI)
* Bug fixes
- Fix build using Zero's HotSpot so all patches apply
- PR1295: jamvm parallel unpack failure
* removed
- removed

- few missing /openjdk/%{origin}/ changes

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2013-165

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 12.2 (i586 x86_64):



< Previous Next >
This Thread
  • No further messages