suse-su-2016:1997-1
Vulnerability from csaf_suse
Published
2016-08-09 11:33
Modified
2016-08-09 11:33
Summary
Security update for java-1_7_0-openjdk
Notes
Title of the patch
Security update for java-1_7_0-openjdk
Description of the patch
This update for java-1_7_0-openjdk fixes the following issues:
- Update to 2.6.7 - OpenJDK 7u111
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking
(bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8147771: Construction of static protection domains under
Javax custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8155981, CVE-2016-3606: Bolster bytecode verification
(bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing
(bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)
* Import of OpenJDK 7 u111 build 0
- S6953295: Move few sun.security.{util, x509, pkcs} classes
used by keytool/jarsigner to another package
- S7060849: Eliminate pack200 build warnings
- S7064075: Security libraries don't build with
javac -Xlint:all,-deprecation -Werror
- S7069870: Parts of the JDK erroneously rely on generic array
initializers with diamond
- S7102686: Restructure timestamp code so that jars and modules
can more easily share the same code
- S7105780: Add SSLSocket client/SSLEngine server to templates
directory
- S7142339: PKCS7.java is needlessly creating SHA1PRNG
SecureRandom instances when timestamping is not done
- S7152582: PKCS11 tests should use the NSS libraries available
in the OS
- S7192202: Make sure keytool prints both unknown and
unparseable extensions
- S7194449: String resources for Key Tool and Policy Tool
should be in their respective packages
- S7196855: autotest.sh fails on ubuntu because libsoftokn.so
not found
- S7200682: TEST_BUG: keytool/autotest.sh still has problems
with libsoftokn.so
- S8002306: (se) Selector.open fails if invoked with thread
interrupt status set [win]
- S8009636: JARSigner including TimeStamp PolicyID
(TSAPolicyID) as defined in RFC3161
- S8019341: Update CookieHttpsClientTest to use the newer
framework.
- S8022228: Intermittent test failures in
sun/security/ssl/javax/net/ssl/NewAPIs
- S8022439: Fix lint warnings in sun.security.ec
- S8022594: Potential deadlock in <clinit> of
sun.nio.ch.Util/IOUtil
- S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails
intermittently
- S8036612: [parfait] JNI exception pending in
jdk/src/windows/native/sun/security/mscapi/security.cpp
- S8037557: test SessionCacheSizeTests.java timeout
- S8038837: Add support to jarsigner for specifying timestamp
hash algorithm
- S8079410: Hotspot version to share the same update and build
version from JDK
- S8130735: javax.swing.TimerQueue: timer fires late when
another timer starts
- S8139436: sun.security.mscapi.KeyStore might load incomplete
data
- S8144313: Test SessionTimeOutTests can be timeout
- S8146387: Test SSLSession/SessionCacheSizeTests socket
accept timed out
- S8146669: Test SessionTimeOutTests fails intermittently
- S8146993: Several javax/management/remote/mandatory regression
tests fail after JDK-8138811
- S8147857: [TEST] RMIConnector logs attribute names incorrectly
- S8151841, PR3098: Build needs additional flags to compile
with GCC 6
- S8151876: (tz) Support tzdata2016d
- S8157077: 8u101 L10n resource file updates
- S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow
not known.
* Import of OpenJDK 7 u111 build 1
- S7081817: test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java failing
- S8140344: add support for 3 digit update release numbers
- S8145017: Add support for 3 digit hotspot minor version
numbers
- S8162344: The API changes made by CR 7064075 need to be
reverted
* Backports
- S2178143, PR2958: JVM crashes if the number of bound CPUs
changed during runtime
- S4900206, PR3101: Include worst-case rounding tests for Math
library functions
- S6260348, PR3067: GTK+ L&F JTextComponent not respecting
desktop caret blink rate
- S6934604, PR3075: enable parts of EliminateAutoBox by default
- S7043064, PR3020: sun/java2d/cmm/ tests failed against
RI b141 & b138-nightly
- S7051394, PR3020: NullPointerException when running
regression tests LoadProfileTest by using openjdk-7-b144
- S7086015, PR3013: fix
test/tools/javac/parser/netbeans/JavacParserTest.java
- S7119487, PR3013: JavacParserTest.java test fails on Windows
platforms
- S7124245, PR3020: [lcms] ColorConvertOp to color space
CS_GRAY apparently converts orange to 244,244,0
- S7159445, PR3013: (javac) emits inaccurate diagnostics for
enhanced for-loops
- S7175845, PR1437, RH1207129: 'jar uf' changes file
permissions unexpectedly
- S8005402, PR3020: Need to provide benchmarks for color
management
- S8005530, PR3020: [lcms] Improve performance of ColorConverOp
for default destinations
- S8005930, PR3020: [lcms] ColorConvertOp: Alpha channel is not
transferred from source to destination.
- S8013430, PR3020: REGRESSION:
closed/java/awt/color/ICC_Profile/LoadProfileTest/LoadProfileTest.java
fails with java.io.StreamCorruptedException: invalid type
code: EE since 8b87
- S8014286, PR3075: failed java/lang/Math/DivModTests.java
after 6934604 changes
- S8014959, PR3075: assert(Compile::current()->live_nodes() < (uint)MaxNodeLimit)
failed: Live Node limit exceeded limit
- S8019247, PR3075: SIGSEGV in compiled method
c8e.e.t_.getArray(Ljava/lang/Class;)[Ljava/lang/Object
- S8024511, PR3020: Crash during color profile destruction
- S8025429, PR3020: [parfait] warnings from b107 for
sun.java2d.cmm: JNI exception pending
- S8026702, PR3020: Fix for 8025429 breaks jdk build on windows
- S8026780, PR3020, RH1142587: Crash on PPC and PPC v2 for
Java_awt test suit
- S8047066, PR3020: Test test/sun/awt/image/bug8038000.java
fails with ClassCastException
- S8069181, PR3012, RH1015612: java.lang.AssertionError when
compiling JDK 1.4 code in JDK 8
- S8158260, PR2992, RH1341258: PPC64: unaligned Unsafe.getInt
can lead to the generation of illegal instructions (bsc#988651)
- S8159244, PR3075: Partially initialized string object created
by C2's string concat optimization may escape
* Bug fixes
- PR2799, RH1195203: Files are missing from resources.jar
- PR2900: Don't use WithSeed versions of NSS functions as they
don't fully process the seed
- PR3091: SystemTap is heavily confused by multiple JDKs
- PR3102: Extend 8022594 to AixPollPort
- PR3103: Handle case in clean-fonts where
linux.fontconfig.Gentoo.properties.old has not been created
- PR3111: Provide option to disable SystemTap tests
- PR3114: Don't assume system mime.types supports
text/x-java-source
- PR3115: Add check for elliptic curve cryptography
implementation
- PR3116: Add tests for Java debug info and source files
- PR3118: Path to agpl-3.0.txt not updated
- PR3119: Makefile handles cacerts as a symlink, but the
configure check doesn't
* AArch64 port
- S8148328, PR3100: aarch64: redundant lsr instructions in stub
code.
- S8148783, PR3100: aarch64: SEGV running SpecJBB2013
- S8148948, PR3100: aarch64: generate_copy_longs calls align()
incorrectly
- S8150045, PR3100: arraycopy causes segfaults in SATB during
garbage collection
- S8154537, PR3100: AArch64: some integer rotate instructions
are never emitted
- S8154739, PR3100: AArch64: TemplateTable::fast_xaccess loads
in wrong mode
- S8157906, PR3100: aarch64: some more integer rotate
instructions are never emitted
- Enable SunEC for SLE12 and Leap (bsc#982366)
- Fix aarch64 running with 48 bits va space (bsc#984684)
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2016-1186,SUSE-SLE-SERVER-12-SP1-2016-1186
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_7_0-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_7_0-openjdk fixes the following issues:\n\n- Update to 2.6.7 - OpenJDK 7u111\n * Security fixes\n - S8079718, CVE-2016-3458: IIOP Input Stream Hooking\n (bsc#989732)\n - S8145446, CVE-2016-3485: Perfect pipe placement (Windows\n only) (bsc#989734)\n - S8147771: Construction of static protection domains under\n Javax custom policy\n - S8148872, CVE-2016-3500: Complete name checking (bsc#989730)\n - S8149962, CVE-2016-3508: Better delineation of XML processing\n (bsc#989731)\n - S8150752: Share Class Data\n - S8151925: Font reference improvements\n - S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)\n - S8155981, CVE-2016-3606: Bolster bytecode verification\n (bsc#989722)\n - S8155985, CVE-2016-3598: Persistent Parameter Processing\n (bsc#989723)\n - S8158571, CVE-2016-3610: Additional method handle validation\n (bsc#989725)\n - CVE-2016-3511 (bsc#989727)\n - CVE-2016-3503 (bsc#989728)\n - CVE-2016-3498 (bsc#989729)\n * Import of OpenJDK 7 u111 build 0\n - S6953295: Move few sun.security.{util, x509, pkcs} classes\n used by keytool/jarsigner to another package\n - S7060849: Eliminate pack200 build warnings\n - S7064075: Security libraries don\u0027t build with\n javac -Xlint:all,-deprecation -Werror\n - S7069870: Parts of the JDK erroneously rely on generic array\n initializers with diamond\n - S7102686: Restructure timestamp code so that jars and modules\n can more easily share the same code\n - S7105780: Add SSLSocket client/SSLEngine server to templates\n directory\n - S7142339: PKCS7.java is needlessly creating SHA1PRNG\n SecureRandom instances when timestamping is not done\n - S7152582: PKCS11 tests should use the NSS libraries available\n in the OS\n - S7192202: Make sure keytool prints both unknown and\n unparseable extensions\n - S7194449: String resources for Key Tool and Policy Tool\n should be in their respective packages\n - S7196855: autotest.sh fails on ubuntu because libsoftokn.so\n not found\n - S7200682: TEST_BUG: keytool/autotest.sh still has problems\n with libsoftokn.so\n - S8002306: (se) Selector.open fails if invoked with thread\n interrupt status set [win]\n - S8009636: JARSigner including TimeStamp PolicyID\n (TSAPolicyID) as defined in RFC3161\n - S8019341: Update CookieHttpsClientTest to use the newer\n framework.\n - S8022228: Intermittent test failures in\n sun/security/ssl/javax/net/ssl/NewAPIs\n - S8022439: Fix lint warnings in sun.security.ec\n - S8022594: Potential deadlock in \u003cclinit\u003e of\n sun.nio.ch.Util/IOUtil\n - S8023546: sun/security/mscapi/ShortRSAKey1024.sh fails\n intermittently\n - S8036612: [parfait] JNI exception pending in\n jdk/src/windows/native/sun/security/mscapi/security.cpp\n - S8037557: test SessionCacheSizeTests.java timeout\n - S8038837: Add support to jarsigner for specifying timestamp\n hash algorithm\n - S8079410: Hotspot version to share the same update and build\n version from JDK\n - S8130735: javax.swing.TimerQueue: timer fires late when\n another timer starts\n - S8139436: sun.security.mscapi.KeyStore might load incomplete\n data\n - S8144313: Test SessionTimeOutTests can be timeout\n - S8146387: Test SSLSession/SessionCacheSizeTests socket\n accept timed out\n - S8146669: Test SessionTimeOutTests fails intermittently\n - S8146993: Several javax/management/remote/mandatory regression\n tests fail after JDK-8138811\n - S8147857: [TEST] RMIConnector logs attribute names incorrectly\n - S8151841, PR3098: Build needs additional flags to compile\n with GCC 6\n - S8151876: (tz) Support tzdata2016d\n - S8157077: 8u101 L10n resource file updates\n - S8161262: Fix jdk build with gcc 4.1.2: -fno-strict-overflow\n not known.\n * Import of OpenJDK 7 u111 build 1\n - S7081817: test/sun/security/provider/certpath/X509CertPath/IllegalCertificates.java failing\n - S8140344: add support for 3 digit update release numbers\n - S8145017: Add support for 3 digit hotspot minor version\n numbers\n - S8162344: The API changes made by CR 7064075 need to be\n reverted\n * Backports\n - S2178143, PR2958: JVM crashes if the number of bound CPUs\n changed during runtime\n - S4900206, PR3101: Include worst-case rounding tests for Math\n library functions\n - S6260348, PR3067: GTK+ L\u0026F JTextComponent not respecting\n desktop caret blink rate\n - S6934604, PR3075: enable parts of EliminateAutoBox by default\n - S7043064, PR3020: sun/java2d/cmm/ tests failed against\n RI b141 \u0026 b138-nightly\n - S7051394, PR3020: NullPointerException when running\n regression tests LoadProfileTest by using openjdk-7-b144\n - S7086015, PR3013: fix\n test/tools/javac/parser/netbeans/JavacParserTest.java\n - S7119487, PR3013: JavacParserTest.java test fails on Windows\n platforms\n - S7124245, PR3020: [lcms] ColorConvertOp to color space\n CS_GRAY apparently converts orange to 244,244,0\n - S7159445, PR3013: (javac) emits inaccurate diagnostics for\n enhanced for-loops\n - S7175845, PR1437, RH1207129: \u0027jar uf\u0027 changes file\n permissions unexpectedly\n - S8005402, PR3020: Need to provide benchmarks for color\n management\n - S8005530, PR3020: [lcms] Improve performance of ColorConverOp\n for default destinations\n - S8005930, PR3020: [lcms] ColorConvertOp: Alpha channel is not\n transferred from source to destination.\n - S8013430, PR3020: REGRESSION:\n closed/java/awt/color/ICC_Profile/LoadProfileTest/LoadProfileTest.java\n fails with java.io.StreamCorruptedException: invalid type\n code: EE since 8b87\n - S8014286, PR3075: failed java/lang/Math/DivModTests.java\n after 6934604 changes\n - S8014959, PR3075: assert(Compile::current()-\u003elive_nodes() \u003c (uint)MaxNodeLimit)\n failed: Live Node limit exceeded limit\n - S8019247, PR3075: SIGSEGV in compiled method\n c8e.e.t_.getArray(Ljava/lang/Class;)[Ljava/lang/Object\n - S8024511, PR3020: Crash during color profile destruction\n - S8025429, PR3020: [parfait] warnings from b107 for\n sun.java2d.cmm: JNI exception pending\n - S8026702, PR3020: Fix for 8025429 breaks jdk build on windows\n - S8026780, PR3020, RH1142587: Crash on PPC and PPC v2 for\n Java_awt test suit\n - S8047066, PR3020: Test test/sun/awt/image/bug8038000.java\n fails with ClassCastException\n - S8069181, PR3012, RH1015612: java.lang.AssertionError when\n compiling JDK 1.4 code in JDK 8\n - S8158260, PR2992, RH1341258: PPC64: unaligned Unsafe.getInt\n can lead to the generation of illegal instructions (bsc#988651)\n - S8159244, PR3075: Partially initialized string object created\n by C2\u0027s string concat optimization may escape\n * Bug fixes\n - PR2799, RH1195203: Files are missing from resources.jar\n - PR2900: Don\u0027t use WithSeed versions of NSS functions as they\n don\u0027t fully process the seed\n - PR3091: SystemTap is heavily confused by multiple JDKs\n - PR3102: Extend 8022594 to AixPollPort\n - PR3103: Handle case in clean-fonts where\n linux.fontconfig.Gentoo.properties.old has not been created\n - PR3111: Provide option to disable SystemTap tests\n - PR3114: Don\u0027t assume system mime.types supports\n text/x-java-source\n - PR3115: Add check for elliptic curve cryptography\n implementation\n - PR3116: Add tests for Java debug info and source files\n - PR3118: Path to agpl-3.0.txt not updated\n - PR3119: Makefile handles cacerts as a symlink, but the\n configure check doesn\u0027t\n * AArch64 port\n - S8148328, PR3100: aarch64: redundant lsr instructions in stub\n code.\n - S8148783, PR3100: aarch64: SEGV running SpecJBB2013\n - S8148948, PR3100: aarch64: generate_copy_longs calls align()\n incorrectly\n - S8150045, PR3100: arraycopy causes segfaults in SATB during\n garbage collection\n - S8154537, PR3100: AArch64: some integer rotate instructions\n are never emitted\n - S8154739, PR3100: AArch64: TemplateTable::fast_xaccess loads\n in wrong mode\n - S8157906, PR3100: aarch64: some more integer rotate\n instructions are never emitted\n- Enable SunEC for SLE12 and Leap (bsc#982366)\n\n- Fix aarch64 running with 48 bits va space (bsc#984684)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-1186,SUSE-SLE-SERVER-12-SP1-2016-1186",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1997-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1997-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161997-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1997-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002184.html"
},
{
"category": "self",
"summary": "SUSE Bug 982366",
"url": "https://bugzilla.suse.com/982366"
},
{
"category": "self",
"summary": "SUSE Bug 984684",
"url": "https://bugzilla.suse.com/984684"
},
{
"category": "self",
"summary": "SUSE Bug 988651",
"url": "https://bugzilla.suse.com/988651"
},
{
"category": "self",
"summary": "SUSE Bug 989722",
"url": "https://bugzilla.suse.com/989722"
},
{
"category": "self",
"summary": "SUSE Bug 989723",
"url": "https://bugzilla.suse.com/989723"
},
{
"category": "self",
"summary": "SUSE Bug 989725",
"url": "https://bugzilla.suse.com/989725"
},
{
"category": "self",
"summary": "SUSE Bug 989727",
"url": "https://bugzilla.suse.com/989727"
},
{
"category": "self",
"summary": "SUSE Bug 989728",
"url": "https://bugzilla.suse.com/989728"
},
{
"category": "self",
"summary": "SUSE Bug 989729",
"url": "https://bugzilla.suse.com/989729"
},
{
"category": "self",
"summary": "SUSE Bug 989730",
"url": "https://bugzilla.suse.com/989730"
},
{
"category": "self",
"summary": "SUSE Bug 989731",
"url": "https://bugzilla.suse.com/989731"
},
{
"category": "self",
"summary": "SUSE Bug 989732",
"url": "https://bugzilla.suse.com/989732"
},
{
"category": "self",
"summary": "SUSE Bug 989733",
"url": "https://bugzilla.suse.com/989733"
},
{
"category": "self",
"summary": "SUSE Bug 989734",
"url": "https://bugzilla.suse.com/989734"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3458 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3485 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3500 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3503 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3508 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3511 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3550 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3598 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3606 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3610/"
}
],
"title": "Security update for java-1_7_0-openjdk",
"tracking": {
"current_release_date": "2016-08-09T11:33:08Z",
"generator": {
"date": "2016-08-09T11:33:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1997-1",
"initial_release_date": "2016-08-09T11:33:08Z",
"revision_history": [
{
"date": "2016-08-09T11:33:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"product_id": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"product_id": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"product_id": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"product": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"product_id": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"product": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"product_id": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"product": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"product_id": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"product": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"product_id": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"product": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"product_id": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"product": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"product_id": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"product": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"product_id": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"product": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"product_id": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"product": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"product_id": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
},
"product_reference": "java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-3458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3458"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3458",
"url": "https://www.suse.com/security/cve/CVE-2016-3458"
},
{
"category": "external",
"summary": "SUSE Bug 989732 for CVE-2016-3458",
"url": "https://bugzilla.suse.com/989732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3458"
},
{
"cve": "CVE-2016-3485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3485"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3485",
"url": "https://www.suse.com/security/cve/CVE-2016-3485"
},
{
"category": "external",
"summary": "SUSE Bug 1009280 for CVE-2016-3485",
"url": "https://bugzilla.suse.com/1009280"
},
{
"category": "external",
"summary": "SUSE Bug 989734 for CVE-2016-3485",
"url": "https://bugzilla.suse.com/989734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "low"
}
],
"title": "CVE-2016-3485"
},
{
"cve": "CVE-2016-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3498"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3498",
"url": "https://www.suse.com/security/cve/CVE-2016-3498"
},
{
"category": "external",
"summary": "SUSE Bug 989729 for CVE-2016-3498",
"url": "https://bugzilla.suse.com/989729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3498"
},
{
"cve": "CVE-2016-3500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3500"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3500",
"url": "https://www.suse.com/security/cve/CVE-2016-3500"
},
{
"category": "external",
"summary": "SUSE Bug 989730 for CVE-2016-3500",
"url": "https://bugzilla.suse.com/989730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3500"
},
{
"cve": "CVE-2016-3503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3503"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3503",
"url": "https://www.suse.com/security/cve/CVE-2016-3503"
},
{
"category": "external",
"summary": "SUSE Bug 989728 for CVE-2016-3503",
"url": "https://bugzilla.suse.com/989728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3503"
},
{
"cve": "CVE-2016-3508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3508"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3508",
"url": "https://www.suse.com/security/cve/CVE-2016-3508"
},
{
"category": "external",
"summary": "SUSE Bug 989731 for CVE-2016-3508",
"url": "https://bugzilla.suse.com/989731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3508"
},
{
"cve": "CVE-2016-3511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3511"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3511",
"url": "https://www.suse.com/security/cve/CVE-2016-3511"
},
{
"category": "external",
"summary": "SUSE Bug 1009280 for CVE-2016-3511",
"url": "https://bugzilla.suse.com/1009280"
},
{
"category": "external",
"summary": "SUSE Bug 989727 for CVE-2016-3511",
"url": "https://bugzilla.suse.com/989727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3511"
},
{
"cve": "CVE-2016-3550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3550"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3550",
"url": "https://www.suse.com/security/cve/CVE-2016-3550"
},
{
"category": "external",
"summary": "SUSE Bug 989733 for CVE-2016-3550",
"url": "https://bugzilla.suse.com/989733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "moderate"
}
],
"title": "CVE-2016-3550"
},
{
"cve": "CVE-2016-3598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3598"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3598",
"url": "https://www.suse.com/security/cve/CVE-2016-3598"
},
{
"category": "external",
"summary": "SUSE Bug 1009280 for CVE-2016-3598",
"url": "https://bugzilla.suse.com/1009280"
},
{
"category": "external",
"summary": "SUSE Bug 989723 for CVE-2016-3598",
"url": "https://bugzilla.suse.com/989723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "important"
}
],
"title": "CVE-2016-3598"
},
{
"cve": "CVE-2016-3606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3606"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3606",
"url": "https://www.suse.com/security/cve/CVE-2016-3606"
},
{
"category": "external",
"summary": "SUSE Bug 989722 for CVE-2016-3606",
"url": "https://bugzilla.suse.com/989722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "important"
}
],
"title": "CVE-2016-3606"
},
{
"cve": "CVE-2016-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3610"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3610",
"url": "https://www.suse.com/security/cve/CVE-2016-3610"
},
{
"category": "external",
"summary": "SUSE Bug 989725 for CVE-2016-3610",
"url": "https://bugzilla.suse.com/989725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-demo-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-devel-1.7.0.111-33.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_7_0-openjdk-headless-1.7.0.111-33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:08Z",
"details": "important"
}
],
"title": "CVE-2016-3610"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…