Detections
Analytics
SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)
critical Nessus Plugin ID 74007
Language:
Synopsis
The remote SuSE 11 host is missing one or more security updates.Description
This java-1_7_0-openjdk update to version 2.4.7 fixes the following security and non-security issues :- Security fixes
- S8023046: Enhance splashscreen support
- S8025005: Enhance CORBA initializations
- S8025010, CVE-2014-2412: Enhance AWT contexts
- S8025030, CVE-2014-2414: Enhance stream handling
- S8025152, CVE-2014-0458: Enhance activation set up
- S8026067: Enhance signed jar verification
- S8026163, CVE-2014-2427: Enhance media provisioning
- S8026188, CVE-2014-2423: Enhance envelope factory
- S8026200: Enhance RowSet Factory
- S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling
- S8026736, CVE-2014-2398: Enhance Javadoc pages
- S8026797, CVE-2014-0451: Enhance data transfers
- S8026801, CVE-2014-0452: Enhance endpoint addressing
- S8027766, CVE-2014-0453: Enhance RSA processing
- S8027775: Enhance ICU code.
- S8027841, CVE-2014-0429: Enhance pixel manipulations
- S8028385: Enhance RowSet Factory
- S8029282, CVE-2014-2403: Enhance CharInfo set up
- S8029286: Enhance subject delegation
- S8029699: Update Poller demo
- S8029730: Improve audio device additions
- S8029735: Enhance service mgmt natives
- S8029740, CVE-2014-0446: Enhance handling of loggers
- S8029745, CVE-2014-0454: Enhance algorithm checking
- S8029750: Enhance LCMS color processing (in-tree LCMS)
- S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg)
- S8029844, CVE-2014-0455: Enhance argument validation
- S8029854, CVE-2014-2421: Enhance JPEG decodings
- S8029858, CVE-2014-0456: Enhance array copies
- S8030731, CVE-2014-0460: Improve name service robustness
- S8031330: Refactor ObjectFactory
- S8031335, CVE-2014-0459: Better color profiling (in-tree LCMS)
- S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng)
- S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader
- S8031395: Enhance LDAP processing
- S8032686, CVE-2014-2413: Issues with method invoke
- S8033618, CVE-2014-1876: Correct logging output
- S8034926, CVE-2014-2397: Attribute classes properly
- S8036794, CVE-2014-0461: Manage JavaScript instances
- Backports
- S8004145: New improved hgforest.sh, ctrl-c now properly terminates mercurial processes.
- S8007625: race with nested repos in /common/bin/hgforest.sh
- S8011178: improve common/bin/hgforest.sh python detection (MacOS)
- S8011342: hgforest.sh : 'python --version' not supported on older python
- S8011350: hgforest.sh uses non-POSIX sh features that may fail with some shells
- S8024200: handle hg wrapper with space after #!
- S8025796: hgforest.sh could trigger unbuffered output from hg without complicated machinations
- S8028388: 9 jaxws tests failed in nightly build with java.lang.ClassCastException
- S8031477: [macosx] Loading AWT native library fails
- S8032370: No 'Truncated file' warning from IIOReadWarningListener on JPEGImageReader
- S8035834: InetAddress.getLocalHost() can hang after JDK-8030731 was fixed
- Bug fixes
- PR1393: JPEG support in build is broken on non-system-libjpeg builds
- PR1726: configure fails looking for ecj.jar before even trying to find javac
- Red Hat local: Fix for repo with path statting with / .
- Remove unused hgforest script
Solution
Apply SAT patch number 9209.See Also
https://bugzilla.novell.com/show_bug.cgi?id=873873
http://support.novell.com/security/cve/CVE-2013-6629.html
http://support.novell.com/security/cve/CVE-2013-6954.html
http://support.novell.com/security/cve/CVE-2014-0429.html
http://support.novell.com/security/cve/CVE-2014-0446.html
http://support.novell.com/security/cve/CVE-2014-0451.html
http://support.novell.com/security/cve/CVE-2014-0452.html
http://support.novell.com/security/cve/CVE-2014-0453.html
http://support.novell.com/security/cve/CVE-2014-0454.html
http://support.novell.com/security/cve/CVE-2014-0455.html
http://support.novell.com/security/cve/CVE-2014-0456.html
http://support.novell.com/security/cve/CVE-2014-0457.html
http://support.novell.com/security/cve/CVE-2014-0458.html
http://support.novell.com/security/cve/CVE-2014-0459.html
http://support.novell.com/security/cve/CVE-2014-0460.html
http://support.novell.com/security/cve/CVE-2014-0461.html
http://support.novell.com/security/cve/CVE-2014-1876.html
http://support.novell.com/security/cve/CVE-2014-2397.html
http://support.novell.com/security/cve/CVE-2014-2398.html
http://support.novell.com/security/cve/CVE-2014-2402.html
http://support.novell.com/security/cve/CVE-2014-2403.html
http://support.novell.com/security/cve/CVE-2014-2412.html
http://support.novell.com/security/cve/CVE-2014-2413.html
http://support.novell.com/security/cve/CVE-2014-2414.html
http://support.novell.com/security/cve/CVE-2014-2421.html
Plugin Details
Severity: Critical
ID: 74007
File Name: suse_11_java-1_7_0-openjdk-140508.nasl
Version: 1.5
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 5/14/2014
Updated: 1/19/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.3
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-devel, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-demo, p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 5/8/2014
Reference Information
CVE: CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2397, CVE-2014-2398, CVE-2014-2402, CVE-2014-2403, CVE-2014-2412, CVE-2014-2413, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427