SUSE-SU-2020:0213-1

Details

This update for java-11-openjdk fixes the following issues:

Update to version jdk-11.0.6-10 (January 2020 CPU, bsc#1160968)

Fixing these security related issues:

CVE-2020-2583: Unlink Set of LinkedHashSets
CVE-2020-2590: Improve Kerberos interop capabilities
CVE-2020-2593: Normalize normalization for all
CVE-2020-2601: Better Ticket Granting Services
CVE-2020-2604: Better serial filter handling
CVE-2020-2655: Better TLS messaging support
CVE-2020-2654: Improve Object Identifier Processing

Affected Packages

java-11-openjdk

SUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise High Performance Computing 15-LTSSSUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1SUSE Linux Enterprise Server 15-LTSS

Fixed in:

11.0.6.0-3.39.2

java-11-openjdk-demo

SUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise High Performance Computing 15-LTSSSUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1SUSE Linux Enterprise Server 15-LTSS

Fixed in:

11.0.6.0-3.39.2

java-11-openjdk-devel

SUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise High Performance Computing 15-LTSSSUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1SUSE Linux Enterprise Server 15-LTSS

Fixed in:

11.0.6.0-3.39.2

java-11-openjdk-headless

SUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise High Performance Computing 15-LTSSSUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1SUSE Linux Enterprise Server 15-LTSS

Fixed in:

11.0.6.0-3.39.2

References

REPORT

https://bugzilla.suse.com/1160968

WEB

https://www.suse.com/security/cve/CVE-2020-2583

WEB

https://www.suse.com/security/cve/CVE-2020-2590

WEB

https://www.suse.com/security/cve/CVE-2020-2593

WEB