CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data
CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections
CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher
CVE-2017-3539: OpenJDK: MD5 allowed for jar verification
CVE-2017-3533: OpenJDK: newline injection in the FTP client
CVE-2017-3544: OpenJDK: newline injection in the SMTP client
Affected Packages
java-1_7_1-ibm
SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server 12-LTSSSUSE Linux Enterprise Server for SAP Applications 12SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
1.7.1_sr4.5-37.1
java-1_7_1-ibm-alsa
SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server 12-LTSSSUSE Linux Enterprise Server for SAP Applications 12SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
1.7.1_sr4.5-37.1
java-1_7_1-ibm-jdbc
SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server 12-LTSSSUSE Linux Enterprise Server for SAP Applications 12SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
1.7.1_sr4.5-37.1
java-1_7_1-ibm-plugin
SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server 12-LTSSSUSE Linux Enterprise Server for SAP Applications 12SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
1.7.1_sr4.5-37.1
java-1_7_1-ibm-devel
SUSE Linux Enterprise Server 12-LTSSSUSE Linux Enterprise Server for SAP Applications 12SUSE Linux Enterprise Software Development Kit 12 SP1SUSE Linux Enterprise Software Development Kit 12 SP2