Security update for java-1_7_0-ibm SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1375-1 Final 1 1 2015-07-31T13:14:30Z current 2015-07-31T13:14:30Z 2015-07-31T13:14:30Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-1_7_0-ibm java-1_7_0-ibm was updated to fix 21 security issues. These security issues were fixed: - CVE-2015-4729: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment (bsc#938895). - CVE-2015-4748: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security (bsc#938895). - CVE-2015-2664: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (bsc#938895). - CVE-2015-0192: Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allowed remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine (bsc#938895). - CVE-2015-2613: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JCE (bsc#938895). - CVE-2015-4731: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX (bsc#938895). - CVE-2015-2637: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895). - CVE-2015-4733: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bsc#938895). - CVE-2015-4732: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590 (bsc#938895). - CVE-2015-2621: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allowed remote attackers to affect confidentiality via vectors related to JMX (bsc#938895). - CVE-2015-2619: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895). - CVE-2015-2590: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732 (bsc#938895). - CVE-2015-2638: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#938895). - CVE-2015-2625: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JSSE (bsc#938895). - CVE-2015-2632: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895). - CVE-2015-1931: Unspecified vulnerability (bsc#938895). - CVE-2015-4760: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#938895). - CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the 'Logjam' issue (bsc#935540). - CVE-2015-2601: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JCE (bsc#938895). - CVE-2015-2808: The RC4 algorithm, as used in the TLS protocol and SSL protocol, did not properly combine state data with key data during the initialization phase, which made it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the 'Bar Mitzvah' issue (bsc#938895). - CVE-2015-4749: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect availability via vectors related to JNDI (bsc#938895). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-java-1_7_0-ibm-12026,slessp2-java-1_7_0-ibm-12026,slessp3-java-1_7_0-ibm-12026 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ Link for SUSE-SU-2015:1375-1 https://lists.opensuse.org/opensuse-security-announce/2015-08/msg00006.html E-Mail link for SUSE-SU-2015:1375-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/935540 SUSE Bug 935540 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://www.suse.com/security/cve/CVE-2015-0192/ SUSE CVE CVE-2015-0192 page https://www.suse.com/security/cve/CVE-2015-1931/ SUSE CVE CVE-2015-1931 page https://www.suse.com/security/cve/CVE-2015-2590/ SUSE CVE CVE-2015-2590 page https://www.suse.com/security/cve/CVE-2015-2601/ SUSE CVE CVE-2015-2601 page https://www.suse.com/security/cve/CVE-2015-2613/ SUSE CVE CVE-2015-2613 page https://www.suse.com/security/cve/CVE-2015-2619/ SUSE CVE CVE-2015-2619 page https://www.suse.com/security/cve/CVE-2015-2621/ SUSE CVE CVE-2015-2621 page https://www.suse.com/security/cve/CVE-2015-2625/ SUSE CVE CVE-2015-2625 page https://www.suse.com/security/cve/CVE-2015-2632/ SUSE CVE CVE-2015-2632 page https://www.suse.com/security/cve/CVE-2015-2637/ SUSE CVE CVE-2015-2637 page https://www.suse.com/security/cve/CVE-2015-2638/ SUSE CVE CVE-2015-2638 page https://www.suse.com/security/cve/CVE-2015-2664/ SUSE CVE CVE-2015-2664 page https://www.suse.com/security/cve/CVE-2015-2808/ SUSE CVE CVE-2015-2808 page https://www.suse.com/security/cve/CVE-2015-4000/ SUSE CVE CVE-2015-4000 page https://www.suse.com/security/cve/CVE-2015-4729/ SUSE CVE CVE-2015-4729 page https://www.suse.com/security/cve/CVE-2015-4731/ SUSE CVE CVE-2015-4731 page https://www.suse.com/security/cve/CVE-2015-4732/ SUSE CVE CVE-2015-4732 page https://www.suse.com/security/cve/CVE-2015-4733/ SUSE CVE CVE-2015-4733 page https://www.suse.com/security/cve/CVE-2015-4748/ SUSE CVE CVE-2015-4748 page https://www.suse.com/security/cve/CVE-2015-4749/ SUSE CVE CVE-2015-4749 page https://www.suse.com/security/cve/CVE-2015-4760/ SUSE CVE CVE-2015-4760 page SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 java-1_7_0-ibm-1.7.0_sr9.10-9.1 java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 java-1_7_0-ibm-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3 java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3 java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3 java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3 java-1_7_0-ibm-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine. CVE-2015-0192 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-0192.html CVE-2015-0192 https://bugzilla.suse.com/952088 SUSE Bug 952088 IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. CVE-2015-1931 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-1931.html CVE-2015-1931 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/939382 SUSE Bug 939382 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. CVE-2015-2590 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2590.html CVE-2015-2590 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2015-2601 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2601.html CVE-2015-2601 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2015-2613 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2613.html CVE-2015-2613 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/951727 SUSE Bug 951727 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-2619 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2619.html CVE-2015-2619 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX. CVE-2015-2621 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2621.html CVE-2015-2621 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE. CVE-2015-2625 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2625.html CVE-2015-2625 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-2632 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2632.html CVE-2015-2632 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-2637 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2637.html CVE-2015-2637 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-2638 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2638.html CVE-2015-2638 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-2664 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2664.html CVE-2015-2664 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. CVE-2015-2808 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-2808.html CVE-2015-2808 https://bugzilla.suse.com/925378 SUSE Bug 925378 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/952088 SUSE Bug 952088 The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. CVE-2015-4000 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important 7.3 AV:N/AC:H/Au:N/C:C/I:C/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4000.html CVE-2015-4000 https://bugzilla.suse.com/1074631 SUSE Bug 1074631 https://bugzilla.suse.com/1211968 SUSE Bug 1211968 https://bugzilla.suse.com/931600 SUSE Bug 931600 https://bugzilla.suse.com/931698 SUSE Bug 931698 https://bugzilla.suse.com/931723 SUSE Bug 931723 https://bugzilla.suse.com/931845 SUSE Bug 931845 https://bugzilla.suse.com/932026 SUSE Bug 932026 https://bugzilla.suse.com/932483 SUSE Bug 932483 https://bugzilla.suse.com/934789 SUSE Bug 934789 https://bugzilla.suse.com/935033 SUSE Bug 935033 https://bugzilla.suse.com/935540 SUSE Bug 935540 https://bugzilla.suse.com/935979 SUSE Bug 935979 https://bugzilla.suse.com/937202 SUSE Bug 937202 https://bugzilla.suse.com/937766 SUSE Bug 937766 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938432 SUSE Bug 938432 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/938905 SUSE Bug 938905 https://bugzilla.suse.com/938906 SUSE Bug 938906 https://bugzilla.suse.com/938913 SUSE Bug 938913 https://bugzilla.suse.com/938945 SUSE Bug 938945 https://bugzilla.suse.com/943664 SUSE Bug 943664 https://bugzilla.suse.com/944729 SUSE Bug 944729 https://bugzilla.suse.com/945582 SUSE Bug 945582 https://bugzilla.suse.com/955589 SUSE Bug 955589 https://bugzilla.suse.com/980406 SUSE Bug 980406 https://bugzilla.suse.com/990592 SUSE Bug 990592 https://bugzilla.suse.com/994144 SUSE Bug 994144 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment. CVE-2015-4729 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4729.html CVE-2015-4729 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. CVE-2015-4731 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4731.html CVE-2015-4731 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590. CVE-2015-4732 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4732.html CVE-2015-4732 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. CVE-2015-4733 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4733.html CVE-2015-4733 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. CVE-2015-4748 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4748.html CVE-2015-4748 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI. CVE-2015-4749 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4749.html CVE-2015-4749 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-4760 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr9.10-9.1 SUSE Linux Enterprise Software Development Kit 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr9.10-9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151375-1/ https://www.suse.com/security/cve/CVE-2015-4760.html CVE-2015-4760 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895