Security update for java-1_7_0-ibm SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:1378-1 Final 1 1 2016-05-20T21:06:13Z current 2016-05-20T21:06:13Z 2016-05-20T21:06:13Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-1_7_0-ibm This IBM Java 1.7.0 SR9 FP40 release fixes the following issues: Security issues fixed: - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sleclo50sp3-java-1_7_0-ibm-12571,sleman21-java-1_7_0-ibm-12571,slemap21-java-1_7_0-ibm-12571,slessp2-java-1_7_0-ibm-12571,slessp3-java-1_7_0-ibm-12571 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ Link for SUSE-SU-2016:1378-1 https://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html E-Mail link for SUSE-SU-2016:1378-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/977646 SUSE Bug 977646 https://bugzilla.suse.com/977648 SUSE Bug 977648 https://bugzilla.suse.com/977650 SUSE Bug 977650 https://bugzilla.suse.com/979252 SUSE Bug 979252 https://www.suse.com/security/cve/CVE-2016-0264/ SUSE CVE CVE-2016-0264 page https://www.suse.com/security/cve/CVE-2016-0363/ SUSE CVE CVE-2016-0363 page https://www.suse.com/security/cve/CVE-2016-0376/ SUSE CVE CVE-2016-0376 page https://www.suse.com/security/cve/CVE-2016-0686/ SUSE CVE CVE-2016-0686 page https://www.suse.com/security/cve/CVE-2016-0687/ SUSE CVE CVE-2016-0687 page https://www.suse.com/security/cve/CVE-2016-3422/ SUSE CVE CVE-2016-3422 page https://www.suse.com/security/cve/CVE-2016-3426/ SUSE CVE CVE-2016-3426 page https://www.suse.com/security/cve/CVE-2016-3427/ SUSE CVE CVE-2016-3427 page https://www.suse.com/security/cve/CVE-2016-3443/ SUSE CVE CVE-2016-3443 page https://www.suse.com/security/cve/CVE-2016-3449/ SUSE CVE CVE-2016-3449 page SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Manager 2.1 SUSE Manager Proxy 2.1 SUSE OpenStack Cloud 5 java-1_7_0-ibm-1.7.0_sr9.40-52.1 java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 java-1_7_0-ibm-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS java-1_7_0-ibm-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS java-1_7_0-ibm-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA java-1_7_0-ibm-1.7.0_sr9.40-52.1 as a component of SUSE Manager 2.1 java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 as a component of SUSE Manager 2.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 as a component of SUSE Manager 2.1 java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 as a component of SUSE Manager 2.1 java-1_7_0-ibm-1.7.0_sr9.40-52.1 as a component of SUSE Manager Proxy 2.1 java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 as a component of SUSE Manager Proxy 2.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 as a component of SUSE Manager Proxy 2.1 java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 as a component of SUSE Manager Proxy 2.1 java-1_7_0-ibm-1.7.0_sr9.40-52.1 as a component of SUSE OpenStack Cloud 5 java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 as a component of SUSE OpenStack Cloud 5 java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 as a component of SUSE OpenStack Cloud 5 java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 as a component of SUSE OpenStack Cloud 5 Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors. CVE-2016-0264 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-0264.html CVE-2016-0264 https://bugzilla.suse.com/977648 SUSE Bug 977648 https://bugzilla.suse.com/979252 SUSE Bug 979252 The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009. CVE-2016-0363 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-0363.html CVE-2016-0363 https://bugzilla.suse.com/977650 SUSE Bug 977650 https://bugzilla.suse.com/979252 SUSE Bug 979252 The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456. CVE-2016-0376 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 critical 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-0376.html CVE-2016-0376 https://bugzilla.suse.com/977646 SUSE Bug 977646 https://bugzilla.suse.com/977650 SUSE Bug 977650 https://bugzilla.suse.com/979252 SUSE Bug 979252 https://bugzilla.suse.com/981057 SUSE Bug 981057 https://bugzilla.suse.com/981060 SUSE Bug 981060 https://bugzilla.suse.com/981087 SUSE Bug 981087 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. CVE-2016-0686 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-0686.html CVE-2016-0686 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component. CVE-2016-0687 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-0687.html CVE-2016-0687 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. CVE-2016-3422 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-3422.html CVE-2016-3422 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2016-3426 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-3426.html CVE-2016-3426 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. CVE-2016-3427 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-3427.html CVE-2016-3427 https://bugzilla.suse.com/1011805 SUSE Bug 1011805 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read. CVE-2016-3443 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-3443.html CVE-2016-3443 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. CVE-2016-3449 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP2-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-LTSS:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE Manager Proxy 2.1:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 SUSE OpenStack Cloud 5:java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 important 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20161378-1/ https://www.suse.com/security/cve/CVE-2016-3449.html CVE-2016-3449 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252