SUSE-SU-2021:0665-1: moderate: Security update for java-1_8_0-openjdk
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Mar 1 20:19:39 UTC 2021
SUSE Security Update: Security update for java-1_8_0-openjdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2021:0665-1
Rating: moderate
References: #1181239
Cross-References: CVE-2020-14803
CVSS scores:
CVE-2020-14803 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-14803 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Manager Server 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Proxy 4.0
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP2
SUSE Enterprise Storage 6
SUSE CaaS Platform 4.0
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for java-1_8_0-openjdk fixes the following issues:
- Update to version jdk8u282 (icedtea 3.18.0)
* January 2021 CPU (bsc#1181239)
* Security fixes
+ JDK-8247619: Improve Direct Buffering of Characters (CVE-2020-14803)
* Import of OpenJDK 8 u282 build 01
+ JDK-6962725: Regtest javax/swing/JFileChooser/6738668/
/bug6738668.java fails under Linux
+ JDK-8025936: Windows .pdb and .map files does not have proper
dependencies setup
+ JDK-8030350: Enable additional compiler warnings for GCC
+ JDK-8031423: Test java/awt/dnd/DisposeFrameOnDragCrash/
/DisposeFrameOnDragTest.java fails by Timeout on Windows
+ JDK-8036122: Fix warning 'format not a string literal'
+ JDK-8051853: new URI("x/").resolve("..").getSchemeSpecificPart()
returns null!
+ JDK-8132664: closed/javax/swing/DataTransfer/DefaultNoDrop/
/DefaultNoDrop.java locks on Windows
+ JDK-8134632: Mark javax/sound/midi/Devices/ /InitializationHang.java
as headful
+ JDK-8148854: Class names "SomeClass" and "LSomeClass;" treated by
JVM as an equivalent
+ JDK-8148916: Mark bug6400879.java as intermittently failing
+ JDK-8148983: Fix extra comma in changes for JDK-8148916
+ JDK-8160438: javax/swing/plaf/nimbus/8057791/bug8057791.java fails
+ JDK-8165808: Add release barriers when allocating objects with
concurrent collection
+ JDK-8185003: JMX: Add a version of ThreadMXBean.dumpAllThreads with
a maxDepth argument
+ JDK-8202076: test/jdk/java/io/File/WinSpecialFiles.java on windows
with VS2017
+ JDK-8207766: [testbug] Adapt tests for Aix.
+ JDK-8212070: Introduce diagnostic flag to abort VM on failed JIT
compilation
+ JDK-8213448: [TESTBUG] enhance jfr/jvm/TestDumpOnCrash
+ JDK-8215727: Restore JFR thread sampler loop to old / previous
behavior
+ JDK-8220657: JFR.dump does not work when filename is set
+ JDK-8221342: [TESTBUG] Generate Dockerfile for docker testing
+ JDK-8224502: [TESTBUG] JDK docker test TestSystemMetrics.java fails
with access issues and OOM
+ JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes() can be
quicker for self thread
+ JDK-8231968: getCurrentThreadAllocatedBytes default implementation
s/b getThreadAllocatedBytes
+ JDK-8232114: JVM crashed at imjpapi.dll in native code
+ JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect numbers
for Compiler area
+ JDK-8234339: replace JLI_StrTok in java_md_solinux.c
+ JDK-8238448: RSASSA-PSS signature verification fail when using
certain odd key sizes
+ JDK-8242335: Additional Tests for RSASSA-PSS
+ JDK-8244225: stringop-overflow warning on strncpy call from
compile_the_world_in
+ JDK-8245400: Upgrade to LittleCMS 2.11
+ JDK-8248214: Add paddings for TaskQueueSuper to reduce false-sharing
cache contention
+ JDK-8249176: Update GlobalSignR6CA test certificates
+ JDK-8250665: Wrong translation for the month name of May in
ar_JO,LB,SY
+ JDK-8250928: JFR: Improve hash algorithm for stack traces
+ JDK-8251469: Better cleanup for test/jdk/javax/imageio/SetOutput.java
+ JDK-8251840: Java_sun_awt_X11_XToolkit_getDefaultScreenData should
not be in make/mapfiles/libawt_xawt/mapfile-vers
+ JDK-8252384: [TESTBUG] Some tests refer to COMPAT provider rather
than JRE
+ JDK-8252395: [8u] --with-native-debug-symbols=external doesn't
include debuginfo files for binaries
+ JDK-8252497: Incorrect numeric currency code for ROL
+ JDK-8252754: Hash code calculation of JfrStackTrace is inconsistent
+ JDK-8252904: VM crashes when JFR is used and JFR event class is
transformed
+ JDK-8252975: [8u] JDK-8252395 breaks the build for
--with-native-debug-symbols=internal
+ JDK-8253284: Zero OrderAccess barrier mappings are incorrect
+ JDK-8253550: [8u] JDK-8252395 breaks the build for make
STRIP_POLICY=no_strip
+ JDK-8253752: test/sun/management/jmxremote/bootstrap/
/RmiBootstrapTest.java fails randomly
+ JDK-8254081: java/security/cert/PolicyNode/
/GetPolicyQualifiers.java fails due to an expired certificate
+ JDK-8254144: Non-x86 Zero builds fail with return-type warning in
os_linux_zero.cpp
+ JDK-8254166: Zero: return-type warning in zeroInterpreter_zero.cpp
+ JDK-8254683: [TEST_BUG] jdk/test/sun/tools/jconsole/
/WorkerDeadlockTest.java fails
+ JDK-8255003: Build failures on Solaris
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 4.0:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-665=1
- SUSE Manager Retail Branch Server 4.0:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-665=1
- SUSE Manager Proxy 4.0:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-665=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2021-665=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-665=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-665=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2021-665=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2021-665=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2021-665=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP2:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2021-665=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2021-665=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- SUSE Manager Server 4.0 (ppc64le s390x x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Manager Retail Branch Server 4.0 (x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Manager Proxy 4.0 (x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP2 (aarch64 ppc64le s390x x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
- SUSE CaaS Platform 4.0 (x86_64):
java-1_8_0-openjdk-1.8.0.282-3.48.1
java-1_8_0-openjdk-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-debugsource-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-1.8.0.282-3.48.1
java-1_8_0-openjdk-demo-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-1.8.0.282-3.48.1
java-1_8_0-openjdk-devel-debuginfo-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-1.8.0.282-3.48.1
java-1_8_0-openjdk-headless-debuginfo-1.8.0.282-3.48.1
References:
https://www.suse.com/security/cve/CVE-2020-14803.html
https://bugzilla.suse.com/1181239
More information about the sle-security-updates
mailing list