suse-su-2015:0503-1
Vulnerability from csaf_suse
Published
2015-03-09 15:33
Modified
2015-03-09 15:33
Summary
Security update for java-1_7_0-openjdk
Notes
Title of the patch
Security update for java-1_7_0-openjdk
Description of the patch
This update fixes 13 security issues.
These security issues were fixed:
- CVE-2015-0395: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041).
- CVE-2015-0400: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Libraries (bnc#914041).
- CVE-2015-0383: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed local users to affect integrity and availability via unknown vectors related to Hotspot (bnc#914041).
- CVE-2015-0412: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS (bnc#914041).
- CVE-2015-0407: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Swing (bnc#914041).
- CVE-2015-0408: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bnc#914041).
- CVE-2014-6585: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591 (bnc#914041).
- CVE-2014-6587: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bnc#914041).
- CVE-2014-6591: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585 (bnc#914041).
- CVE-2014-6593: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allowed remote attackers to affect confidentiality and integrity via vectors related to JSSE (bnc#914041).
- CVE-2014-6601: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041).
- CVE-2015-0410: Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed remote attackers to affect availability via unknown vectors related to Security (bnc#914041).
- CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, used nondeterministic CBC padding, which made it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the 'POODLE' issue (bnc#901223).
These non-security issues were fixed:
- Update protocol support (S8046656).
- Fewer escapes from escape analysis (S8047130).
- Better GC validation (S8049253).
- TLAB stability (S8055479).
Patchnames
SUSE-SLE-DESKTOP-12-2015-122,SUSE-SLE-SERVER-12-2015-122
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_7_0-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes 13 security issues.\n\nThese security issues were fixed:\n- CVE-2015-0395: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041).\n- CVE-2015-0400: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Libraries (bnc#914041).\n- CVE-2015-0383: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed local users to affect integrity and availability via unknown vectors related to Hotspot (bnc#914041).\n- CVE-2015-0412: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS (bnc#914041).\n- CVE-2015-0407: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Swing (bnc#914041).\n- CVE-2015-0408: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bnc#914041).\n- CVE-2014-6585: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591 (bnc#914041).\n- CVE-2014-6587: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bnc#914041).\n- CVE-2014-6591: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585 (bnc#914041).\n- CVE-2014-6593: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allowed remote attackers to affect confidentiality and integrity via vectors related to JSSE (bnc#914041).\n- CVE-2014-6601: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041).\n- CVE-2015-0410: Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed remote attackers to affect availability via unknown vectors related to Security (bnc#914041).\n- CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, used nondeterministic CBC padding, which made it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \u0027POODLE\u0027 issue (bnc#901223).\n\nThese non-security issues were fixed:\n- Update protocol support (S8046656).\n- Fewer escapes from escape analysis (S8047130).\n- Better GC validation (S8049253).\n- TLAB stability (S8055479).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2015-122,SUSE-SLE-SERVER-12-2015-122",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0503-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0503-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150503-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0503-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-March/001288.html"
},
{
"category": "self",
"summary": "SUSE Bug 901223",
"url": "https://bugzilla.suse.com/901223"
},
{
"category": "self",
"summary": "SUSE Bug 914041",
"url": "https://bugzilla.suse.com/914041"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3566 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-6585 page",
"url": "https://www.suse.com/security/cve/CVE-2014-6585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-6587 page",
"url": "https://www.suse.com/security/cve/CVE-2014-6587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-6591 page",
"url": "https://www.suse.com/security/cve/CVE-2014-6591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-6593 page",
"url": "https://www.suse.com/security/cve/CVE-2014-6593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-6601 page",
"url": "https://www.suse.com/security/cve/CVE-2014-6601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0383 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0395 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0400 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0407 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0408 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0410 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0412 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0412/"
}
],
"title": "Security update for java-1_7_0-openjdk",
"tracking": {
"current_release_date": "2015-03-09T15:33:05Z",
"generator": {
"date": "2015-03-09T15:33:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0503-1",
"initial_release_date": "2015-03-09T15:33:05Z",
"revision_history": [
{
"date": "2015-03-09T15:33:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"product_id": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"product_id": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"product_id": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"product_id": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"product": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"product_id": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"product": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"product_id": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"product": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"product_id": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"product": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"product_id": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"product": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"product_id": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"product": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"product_id": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"product": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"product_id": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"product": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"product_id": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-3566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3566"
}
],
"notes": [
{
"category": "general",
"text": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3566",
"url": "https://www.suse.com/security/cve/CVE-2014-3566"
},
{
"category": "external",
"summary": "SUSE Bug 1011293 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/1011293"
},
{
"category": "external",
"summary": "SUSE Bug 1031023 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/1031023"
},
{
"category": "external",
"summary": "SUSE Bug 901223 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901223"
},
{
"category": "external",
"summary": "SUSE Bug 901254 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901254"
},
{
"category": "external",
"summary": "SUSE Bug 901277 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901277"
},
{
"category": "external",
"summary": "SUSE Bug 901748 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901748"
},
{
"category": "external",
"summary": "SUSE Bug 901757 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901757"
},
{
"category": "external",
"summary": "SUSE Bug 901759 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901759"
},
{
"category": "external",
"summary": "SUSE Bug 901889 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901889"
},
{
"category": "external",
"summary": "SUSE Bug 901968 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/901968"
},
{
"category": "external",
"summary": "SUSE Bug 902229 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/902229"
},
{
"category": "external",
"summary": "SUSE Bug 902233 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/902233"
},
{
"category": "external",
"summary": "SUSE Bug 902476 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/902476"
},
{
"category": "external",
"summary": "SUSE Bug 903405 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/903405"
},
{
"category": "external",
"summary": "SUSE Bug 903684 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/903684"
},
{
"category": "external",
"summary": "SUSE Bug 904889 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/904889"
},
{
"category": "external",
"summary": "SUSE Bug 905106 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/905106"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/914041"
},
{
"category": "external",
"summary": "SUSE Bug 994144 for CVE-2014-3566",
"url": "https://bugzilla.suse.com/994144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2014-3566"
},
{
"cve": "CVE-2014-6585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-6585"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-6585",
"url": "https://www.suse.com/security/cve/CVE-2014-6585"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2014-6585",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "moderate"
}
],
"title": "CVE-2014-6585"
},
{
"cve": "CVE-2014-6587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-6587"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-6587",
"url": "https://www.suse.com/security/cve/CVE-2014-6587"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2014-6587",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2014-6587"
},
{
"cve": "CVE-2014-6591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-6591"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-6591",
"url": "https://www.suse.com/security/cve/CVE-2014-6591"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2014-6591",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2014-6591"
},
{
"cve": "CVE-2014-6593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-6593"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-6593",
"url": "https://www.suse.com/security/cve/CVE-2014-6593"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2014-6593",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2014-6593"
},
{
"cve": "CVE-2014-6601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-6601"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-6601",
"url": "https://www.suse.com/security/cve/CVE-2014-6601"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2014-6601",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2014-6601"
},
{
"cve": "CVE-2015-0383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0383"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0383",
"url": "https://www.suse.com/security/cve/CVE-2015-0383"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0383",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "moderate"
}
],
"title": "CVE-2015-0383"
},
{
"cve": "CVE-2015-0395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0395"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0395",
"url": "https://www.suse.com/security/cve/CVE-2015-0395"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0395",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2015-0395"
},
{
"cve": "CVE-2015-0400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0400"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0400",
"url": "https://www.suse.com/security/cve/CVE-2015-0400"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0400",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2015-0400"
},
{
"cve": "CVE-2015-0407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0407"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0407",
"url": "https://www.suse.com/security/cve/CVE-2015-0407"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0407",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2015-0407"
},
{
"cve": "CVE-2015-0408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0408"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0408",
"url": "https://www.suse.com/security/cve/CVE-2015-0408"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0408",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2015-0408"
},
{
"cve": "CVE-2015-0410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0410"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0410",
"url": "https://www.suse.com/security/cve/CVE-2015-0410"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0410",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2015-0410"
},
{
"cve": "CVE-2015-0412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0412"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0412",
"url": "https://www.suse.com/security/cve/CVE-2015-0412"
},
{
"category": "external",
"summary": "SUSE Bug 914041 for CVE-2015-0412",
"url": "https://bugzilla.suse.com/914041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-demo-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-devel-1.7.0.75-11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_0-openjdk-headless-1.7.0.75-11.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-03-09T15:33:05Z",
"details": "critical"
}
],
"title": "CVE-2015-0412"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…