SUSE Security Update: Security update for openjdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0961-1
Rating: important
References: #887530
Cross-References: CVE-2014-2483 CVE-2014-2490 CVE-2014-4208
CVE-2014-4209 CVE-2014-4216 CVE-2014-4218
CVE-2014-4219 CVE-2014-4220 CVE-2014-4221
CVE-2014-4223 CVE-2014-4227 CVE-2014-4244
CVE-2014-4247 CVE-2014-4252 CVE-2014-4262
CVE-2014-4263 CVE-2014-4264 CVE-2014-4265
CVE-2014-4266 CVE-2014-4268
Affected Products:
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________
An update that fixes 20 vulnerabilities is now available.
It includes one version update.
Description:
This Critical Patch Update contains 20 new security fixes for Oracle Java
SE. All of these vulnerabilities could have been remotely exploitable
without authentication, i.e., could be exploited over a network without
the need for a username and password.
Security Issues:
* CVE-2014-4227
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227>
* CVE-2014-4219
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219>
* CVE-2014-2490
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490>
* CVE-2014-4216
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216>
* CVE-2014-4247
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247>
* CVE-2014-2483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483>
* CVE-2014-4223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223>
* CVE-2014-4262
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262>
* CVE-2014-4209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209>
* CVE-2014-4265
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4265>
* CVE-2014-4220
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220>
* CVE-2014-4218
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218>
* CVE-2014-4252
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252>
* CVE-2014-4266
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266>
* CVE-2014-4268
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268>
* CVE-2014-4264
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264>
* CVE-2014-4221
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221>
* CVE-2014-4244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244>
* CVE-2014-4263
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263>
* CVE-2014-4208
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-java-1_7_0-openjdk-9543
To bring your system up-to-date, use “zypper patch”.
Package List:
– SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.65]:
java-1_7_0-openjdk-1.7.0.65-0.7.4
java-1_7_0-openjdk-demo-1.7.0.65-0.7.4
java-1_7_0-openjdk-devel-1.7.0.65-0.7.4
References:
http://support.novell.com/security/cve/CVE-2014-2483.html
http://support.novell.com/security/cve/CVE-2014-2490.html
http://support.novell.com/security/cve/CVE-2014-4208.html
http://support.novell.com/security/cve/CVE-2014-4209.html
http://support.novell.com/security/cve/CVE-2014-4216.html
http://support.novell.com/security/cve/CVE-2014-4218.html
http://support.novell.com/security/cve/CVE-2014-4219.html
http://support.novell.com/security/cve/CVE-2014-4220.html
http://support.novell.com/security/cve/CVE-2014-4221.html
http://support.novell.com/security/cve/CVE-2014-4223.html
http://support.novell.com/security/cve/CVE-2014-4227.html
http://support.novell.com/security/cve/CVE-2014-4244.html
http://support.novell.com/security/cve/CVE-2014-4247.html
http://support.novell.com/security/cve/CVE-2014-4252.html
http://support.novell.com/security/cve/CVE-2014-4262.html
http://support.novell.com/security/cve/CVE-2014-4263.html
http://support.novell.com/security/cve/CVE-2014-4264.html
http://support.novell.com/security/cve/CVE-2014-4265.html
http://support.novell.com/security/cve/CVE-2014-4266.html
http://support.novell.com/security/cve/CVE-2014-4268.html
https://bugzilla.novell.com/887530
http://download.suse.com/patch/finder/?keywords=74138caa13d284bb5cbd73e4f768e2e8
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org