{"affected":[{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.232-lp151.2.6.1","java-1_8_0-openjdk-accessibility":"1.8.0.232-lp151.2.6.1","java-1_8_0-openjdk-demo":"1.8.0.232-lp151.2.6.1","java-1_8_0-openjdk-devel":"1.8.0.232-lp151.2.6.1","java-1_8_0-openjdk-headless":"1.8.0.232-lp151.2.6.1","java-1_8_0-openjdk-javadoc":"1.8.0.232-lp151.2.6.1","java-1_8_0-openjdk-src":"1.8.0.232-lp151.2.6.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.1","name":"java-1_8_0-openjdk","purl":"pkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Leap%2015.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.232-lp151.2.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for java-1_8_0-openjdk (jdk8u232/icedtea 3.14.0) fixes the following issues:\n\nSecurity issues fixed (bsc#1154212):\n\n- CVE-2019-2933: Windows file handling redux\n- CVE-2019-2945: Better socket support\n- CVE-2019-2949: Better Kerberos ccache handling\n- CVE-2019-2958: Build Better Processes\n- CVE-2019-2964: Better support for patterns\n- CVE-2019-2962: Better Glyph Images\n- CVE-2019-2973: Better pattern compilation\n- CVE-2019-2975: Unexpected exception in jjs\n- CVE-2019-2978: Improved handling of jar files\n- CVE-2019-2981: Better Path supports\n- CVE-2019-2983: Better serial attributes\n- CVE-2019-2987: Better rendering of native glyphs\n- CVE-2019-2988: Better Graphics2D drawing\n- CVE-2019-2989: Improve TLS connection support\n- CVE-2019-2992: Enhance font glyph mapping\n- CVE-2019-2999: Commentary on Javadoc comments\n- CVE-2019-2894: Enhance ECDSA operations (bsc#1152856)\n\nBug fixes:\n\n- Fixed build failuers on ARM (bsc#1138529).\n\nThis update was imported from the SUSE:SLE-15:Update update project.","id":"openSUSE-SU-2019:2687-1","modified":"2019-12-15T15:11:34Z","published":"2019-12-15T15:11:34Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/I6ALR2AGAFL63Y6TKSBCMO2DIQNCCY5U/#I6ALR2AGAFL63Y6TKSBCMO2DIQNCCY5U"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138529"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152856"},{"type":"REPORT","url":"https://bugzilla.suse.com/1154212"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2894"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2933"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2945"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2949"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2958"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2973"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2975"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2978"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2981"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2983"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2987"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2988"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2989"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2992"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-2999"}],"related":["CVE-2019-2894","CVE-2019-2933","CVE-2019-2945","CVE-2019-2949","CVE-2019-2958","CVE-2019-2962","CVE-2019-2964","CVE-2019-2973","CVE-2019-2975","CVE-2019-2978","CVE-2019-2981","CVE-2019-2983","CVE-2019-2987","CVE-2019-2988","CVE-2019-2989","CVE-2019-2992","CVE-2019-2999"],"summary":"Security update for java-1_8_0-openjdk","upstream":["CVE-2019-2894","CVE-2019-2933","CVE-2019-2945","CVE-2019-2949","CVE-2019-2958","CVE-2019-2962","CVE-2019-2964","CVE-2019-2973","CVE-2019-2975","CVE-2019-2978","CVE-2019-2981","CVE-2019-2983","CVE-2019-2987","CVE-2019-2988","CVE-2019-2989","CVE-2019-2992","CVE-2019-2999"]}