Detections
Analytics

openSUSE Security Update : java-11-openjdk (openSUSE-2020-1175)

high Nessus Plugin ID 139451

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for java-11-openjdk fixes the following issues :

 - Update to upstream tag jdk-11.0.8+10 (July 2020 CPU, bsc#1174157)

 - Security fixes :

 + JDK-8230613: Better ASCII conversions

 + JDK-8231800: Better listing of arrays

 + JDK-8232014: Expand DTD support

 + JDK-8233234: Better Zip Naming

 + JDK-8233239, CVE-2020-14562: Enhance TIFF support

 + JDK-8233255: Better Swing Buttons

 + JDK-8234032: Improve basic calendar services

 + JDK-8234042: Better factory production of certificates

 + JDK-8234418: Better parsing with CertificateFactory

 + JDK-8234836: Improve serialization handling

 + JDK-8236191: Enhance OID processing

 + JDK-8236867, CVE-2020-14573: Enhance Graal interface handling

 + JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior

 + JDK-8237592, CVE-2020-14577: Enhance certificate verification

 + JDK-8238002, CVE-2020-14581: Better matrix operations

 + JDK-8238013: Enhance String writing

 + JDK-8238804: Enhance key handling process

 + JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable

 + JDK-8238843: Enhanced font handing

 + JDK-8238920, CVE-2020-14583: Better Buffer support

 + JDK-8238925: Enhance WAV file playback

 + JDK-8240119, CVE-2020-14593: Less Affine Transformations

 + JDK-8240482: Improved WAV file playback

 + JDK-8241379: Update JCEKS support

 + JDK-8241522: Manifest improved jar headers redux

 + JDK-8242136, CVE-2020-14621: Better XML namespace handling

 - Other changes :

 + JDK-6933331: (d3d/ogl) java.lang.IllegalStateException:
 Buffers have not been created

 + JDK-7124307: JSpinner and changing value by mouse

 + JDK-8022574: remove HaltNode code after uncommon trap calls

 + JDK-8039082: [TEST_BUG] Test java/awt/dnd/BadSerializationTest/BadSerializationTest.j ava fails

 + JDK-8040630: Popup menus and tooltips flicker with previous popup contents when first shown

 + JDK-8044365: (dc) MulticastSendReceiveTests.java failing with ENOMEM when joining group (OS X 10.9)

 + JDK-8048215: [TESTBUG] java/lang/management/ManagementFactory/ThreadMXBeanProxy .java Expected non-null LockInfo

 + JDK-8051349: nsk/jvmti/scenarios/sampling/SP06/sp06t003 fails in nightly

 + JDK-8080353: JShell: Better error message on attempting to add default method

 + JDK-8139876: Exclude hanging nsk/stress/stack from execution with deoptimization enabled

 + JDK-8146090: java/lang/ref/ReachabilityFenceTest.java fails with -XX:+DeoptimizeALot

 + JDK-8153430: jdk regression test MletParserLocaleTest, ParserInfiniteLoopTest reduce default timeout

 + JDK-8156207: Resource allocated BitMaps are often cleared unnecessarily

 + JDK-8159740: JShell: corralled declarations do not have correct source to wrapper mapping

 + JDK-8175984: ICC_Profile has un-needed, not-empty finalize method

 + JDK-8176359: Frame#setMaximizedbounds not working properly in multi screen environments

 + JDK-8183369: RFC unconformity of HttpURLConnection with proxy

 + JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT

 + JDK-8189861: Refactor CacheFind

 + JDK-8191169: java/net/Authenticator/B4769350.java failed intermittently

 + JDK-8191930: [Graal] emits unparseable XML into compile log

 + JDK-8193879: Java debugger hangs on method invocation

 + JDK-8196019: java/awt/Window/Grab/GrabTest.java fails on Windows

 + JDK-8196181: sun/java2d/GdiRendering/InsetClipping.java fails

 + JDK-8198000:
 java/awt/List/EmptyListEventTest/EmptyListEventTest.java debug assert on Windows

 + JDK-8198001: java/awt/Menu/WrongParentAfterRemoveMenu/ /WrongParentAfterRemoveMenu.java debug assert on Windows

 + JDK-8198339: Test javax/swing/border/Test6981576.java is unstable

 + JDK-8200701: jdk/jshell/ExceptionsTest.java fails on Windows, after JDK-8198801

 + JDK-8203264: JNI exception pending in PlainDatagramSocketImpl.c:740

 + JDK-8203672: JNI exception pending in PlainSocketImpl.c

 + JDK-8203673: JNI exception pending in DualStackPlainDatagramSocketImpl.c:398

 + JDK-8204834: Fix confusing 'allocate' naming in OopStorage

 + JDK-8205399: Set node color on pinned HashMap.TreeNode deletion

 + JDK-8205653:
 test/jdk/sun/management/jmxremote/bootstrap/ /RmiRegistrySslTest.java and RmiSslBootstrapTest.sh fail with handshake_failure

 + JDK-8206179: com/sun/management/OperatingSystemMXBean/ /GetCommittedVirtualMemorySize.java fails with Committed virtual memory size illegal value

 + JDK-8207334: VM times out in VM_HandshakeAllThreads::doit() with RunThese30M

 + JDK-8208277: Code cache heap (-XX:ReservedCodeCacheSize) doesn't work with 1GB LargePages

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected java-11-openjdk packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1174157

Plugin Details

Severity: High

ID: 139451

File Name: openSUSE-2020-1175.nasl

Version: 1.4

Type: local

Agent: unix

Published: 8/10/2020

Updated: 2/26/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2020-14556

CVSS v3

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2020-14583

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:java-11-openjdk-javadoc, p-cpe:/a:novell:opensuse:java-11-openjdk-debugsource, p-cpe:/a:novell:opensuse:java-11-openjdk-debuginfo, cpe:/o:novell:opensuse:15.1, p-cpe:/a:novell:opensuse:java-11-openjdk-src, p-cpe:/a:novell:opensuse:java-11-openjdk-jmods, p-cpe:/a:novell:opensuse:java-11-openjdk, p-cpe:/a:novell:opensuse:java-11-openjdk-demo, p-cpe:/a:novell:opensuse:java-11-openjdk-accessibility, p-cpe:/a:novell:opensuse:java-11-openjdk-headless, p-cpe:/a:novell:opensuse:java-11-openjdk-devel, p-cpe:/a:novell:opensuse:java-11-openjdk-accessibility-debuginfo

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 8/9/2020

Vulnerability Publication Date: 7/15/2020

Reference Information

CVE: CVE-2020-14556, CVE-2020-14562, CVE-2020-14573, CVE-2020-14577, CVE-2020-14581, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621