Security update for java-11-openjdk SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:2002-1 Final 1 1 2019-07-29T11:00:36Z current 2019-07-29T11:00:36Z 2019-07-29T11:00:36Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-11-openjdk This update for java-11-openjdk to version jdk-11.0.4+11 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation (bsc#1141784). - CVE-2019-2762: Exceptional throw cases (bsc#1141782). - CVE-2019-2766: Improve file protocol handling (bsc#1141789). - CVE-2019-2769: Better copies of CopiesList (bsc#1141783). - CVE-2019-2786: More limited privilege usage (bsc#1141787). - CVE-2019-7317: Improve PNG support options (bsc#1141780). - CVE-2019-2818: Better Poly1305 support (bsc#1141788). - CVE-2019-2816: Normalize normalization (bsc#1141785). - CVE-2019-2821: Improve TLS negotiation (bsc#1141781). - Certificate validation improvements Non-security issues fixed: - Do not fail installation when the manpages are not present (bsc#1115375) - Backport upstream fix for JDK-8208602: Cannot read PEM X.509 cert if there is whitespace after the header or footer (bsc#1140461) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container bci/openjdk-devel:11-2019-2002,Container bci/openjdk:11-2019-2002,Container bci/openjdk:latest-2019-2002,Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server-2019-2002,Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server-2019-2002,Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server-2019-2002,Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure-2019-2002,Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM-2019-2002,Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE-2019-2002,Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure-2019-2002,Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM-2019-2002,Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE-2019-2002,Image SLES15-SP4-Manager-Server-4-3-BYOS-2019-2002,Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure-2019-2002,Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2-2019-2002,Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE-2019-2002,SUSE-2019-2002,SUSE-SLE-Module-Basesystem-15-2019-2002,SUSE-SLE-Module-Basesystem-15-SP1-2019-2002,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2002,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2002 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ Link for SUSE-SU-2019:2002-1 https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1.html E-Mail link for SUSE-SU-2019:2002-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1115375 SUSE Bug 1115375 https://bugzilla.suse.com/1140461 SUSE Bug 1140461 https://bugzilla.suse.com/1141780 SUSE Bug 1141780 https://bugzilla.suse.com/1141781 SUSE Bug 1141781 https://bugzilla.suse.com/1141782 SUSE Bug 1141782 https://bugzilla.suse.com/1141783 SUSE Bug 1141783 https://bugzilla.suse.com/1141784 SUSE Bug 1141784 https://bugzilla.suse.com/1141785 SUSE Bug 1141785 https://bugzilla.suse.com/1141787 SUSE Bug 1141787 https://bugzilla.suse.com/1141788 SUSE Bug 1141788 https://bugzilla.suse.com/1141789 SUSE Bug 1141789 https://www.suse.com/security/cve/CVE-2019-2745/ SUSE CVE CVE-2019-2745 page https://www.suse.com/security/cve/CVE-2019-2762/ SUSE CVE CVE-2019-2762 page https://www.suse.com/security/cve/CVE-2019-2766/ SUSE CVE CVE-2019-2766 page https://www.suse.com/security/cve/CVE-2019-2769/ SUSE CVE CVE-2019-2769 page https://www.suse.com/security/cve/CVE-2019-2786/ SUSE CVE CVE-2019-2786 page https://www.suse.com/security/cve/CVE-2019-2816/ SUSE CVE CVE-2019-2816 page https://www.suse.com/security/cve/CVE-2019-2818/ SUSE CVE CVE-2019-2818 page https://www.suse.com/security/cve/CVE-2019-2821/ SUSE CVE CVE-2019-2821 page https://www.suse.com/security/cve/CVE-2019-7317/ SUSE CVE CVE-2019-7317 page Container bci/openjdk-devel:11 Container bci/openjdk:11 Container bci/openjdk:latest Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 java-11-openjdk-11.0.4.0-3.33.1 java-11-openjdk-devel-11.0.4.0-3.33.1 java-11-openjdk-headless-11.0.4.0-3.33.1 java-11-openjdk-accessibility-11.0.4.0-3.33.1 java-11-openjdk-demo-11.0.4.0-3.33.1 java-11-openjdk-javadoc-11.0.4.0-3.33.1 java-11-openjdk-jmods-11.0.4.0-3.33.1 java-11-openjdk-src-11.0.4.0-3.33.1 java-11-openjdk-11.0.4.0-3.33.1 as a component of Container bci/openjdk-devel:11 java-11-openjdk-devel-11.0.4.0-3.33.1 as a component of Container bci/openjdk-devel:11 java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Container bci/openjdk-devel:11 java-11-openjdk-11.0.4.0-3.33.1 as a component of Container bci/openjdk:11 java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Container bci/openjdk:11 java-11-openjdk-11.0.4.0-3.33.1 as a component of Container bci/openjdk:latest java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Container bci/openjdk:latest java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 java-11-openjdk-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE java-11-openjdk-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 java-11-openjdk-demo-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 java-11-openjdk-devel-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 java-11-openjdk-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 java-11-openjdk-demo-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 java-11-openjdk-devel-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 java-11-openjdk-headless-11.0.4.0-3.33.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). CVE-2019-2745 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2745.html CVE-2019-2745 https://bugzilla.suse.com/1141784 SUSE Bug 1141784 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2762 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2762.html CVE-2019-2762 https://bugzilla.suse.com/1141782 SUSE Bug 1141782 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). CVE-2019-2766 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2766.html CVE-2019-2766 https://bugzilla.suse.com/1141789 SUSE Bug 1141789 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2769 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2769.html CVE-2019-2769 https://bugzilla.suse.com/1141783 SUSE Bug 1141783 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N). CVE-2019-2786 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2786.html CVE-2019-2786 https://bugzilla.suse.com/1141787 SUSE Bug 1141787 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2019-2816 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2816.html CVE-2019-2816 https://bugzilla.suse.com/1141785 SUSE Bug 1141785 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). CVE-2019-2818 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2818.html CVE-2019-2818 https://bugzilla.suse.com/1141788 SUSE Bug 1141788 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N). CVE-2019-2821 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-2821.html CVE-2019-2821 https://bugzilla.suse.com/1141781 SUSE Bug 1141781 png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. CVE-2019-7317 Container bci/openjdk-devel:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-devel-11.0.4.0-3.33.1 Container bci/openjdk-devel:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:11:java-11-openjdk-headless-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-11.0.4.0-3.33.1 Container bci/openjdk:latest:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:java-11-openjdk-headless-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-11.0.4.0-3.33.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1 SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/ https://www.suse.com/security/cve/CVE-2019-7317.html CVE-2019-7317 https://bugzilla.suse.com/1124211 SUSE Bug 1124211 https://bugzilla.suse.com/1135824 SUSE Bug 1135824 https://bugzilla.suse.com/1141780 SUSE Bug 1141780 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 https://bugzilla.suse.com/1165297 SUSE Bug 1165297