suse-su-2016:2012-1
Vulnerability from csaf_suse
Published
2016-08-09 11:33
Modified
2016-08-09 11:33
Summary
Security update for java-1_8_0-openjdk
Notes
Title of the patch
Security update for java-1_8_0-openjdk
Description of the patch
This update for java-1_8_0-openjdk fixes the following issues:
- Upgrade to version jdk8u101 (icedtea 3.1.0)
- New in release 3.1.0 (2016-07-25):
* Security fixes
- S8079718, CVE-2016-3458: IIOP Input Stream Hooking
(bsc#989732)
- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)
- S8146514: Enforce GCM limits
- S8147771: Construction of static protection domains under
Javax custom policy
- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)
- S8149070: Enforce update ordering
- S8149962, CVE-2016-3508: Better delineation of XML processing
(bsc#989731)
- S8150752: Share Class Data
- S8151925: Font reference improvements
- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)
- S8153312: Constrain AppCDS behavior
- S8154475, CVE-2016-3587: Clean up lookup visibility
(bsc#989721)
- S8155981, CVE-2016-3606: Bolster bytecode verification
(bsc#989722)
- S8155985, CVE-2016-3598: Persistent Parameter Processing
(bsc#989723)
- S8158571, CVE-2016-3610: Additional method handle validation
(bsc#989725)
- CVE-2016-3552 (bsc#989726)
- CVE-2016-3511 (bsc#989727)
- CVE-2016-3503 (bsc#989728)
- CVE-2016-3498 (bsc#989729)
* New features
- S8145547, PR1061: [AWT/Swing] Conditional support for GTK 3
on Linux
- PR2821: Support building OpenJDK with --disable-headful
- PR2931, G478960: Provide Infinality Support via fontconfig
- PR3079: Provide option to build Shenandoah on x86_64
* Import of OpenJDK 8 u92 build 14
- S6869327: Add new C2 flag to keep safepoints in counted
loops.
- S8022865: [TESTBUG] Compressed Oops testing needs to be
revised
- S8029630: Thread id should be displayed as a hex number in
error report
- S8029726: On OS X some dtrace probe names are mismatched with
Solaris
- S8029727: On OS X dtrace probes
Call<type>MethodA/Call<type>MethodV are not fired.
- S8029728: On OS X dtrace probes SetStaticBooleanField are not
fired
- S8038184: XMLSignature throws StringIndexOutOfBoundsException
if ID attribute value is empty String
- S8038349: Signing XML with DSA throws Exception when key is
larger than 1024 bits
- S8041501: ImageIO reader is not capable of reading JPEGs
without JFIF header
- S8041900: [macosx] Java forces the use of discrete GPU
- S8044363: Remove special build options for unpack200 executable
- S8046471: Use OPENJDK_TARGET_CPU_ARCH instead of legacy value
for hotspot ARCH
- S8046611: Build errors with gcc on sparc/fastdebug
- S8047763: Recognize sparc64 as a sparc platform
- S8048232: Fix for 8046471 breaks PPC64 build
- S8052396: Catch exceptions resulting from missing font cmap
- S8058563: InstanceKlass::_dependencies list isn't cleared from
empty nmethodBucket entries
- S8061624: [TESTBUG] Some tests cannot be ran under compact
profiles and therefore shall be excluded
- S8062901: Iterators is spelled incorrectly in the Javadoc for
Spliterator
- S8064330: Remove SHA224 from the default support list if
SunMSCAPI enabled
- S8065579: WB method to start G1 concurrent mark cycle should
be introduced
- S8065986: Compiler fails to NullPointerException when calling
super with Object<>()
- S8066974: Compiler doesn't infer method's generic type
information in lambda body
- S8067800: Clarify java.time.chrono.Chronology.isLeapYear for
out of range years
- S8068033: JNI exception pending in jdk/src/share/bin/java.c
- S8068042: Check jdk/src/share/native/sun/misc/URLClassPath.c
for JNI pending
- S8068162: jvmtiRedefineClasses.cpp: guarantee(false) failed:
OLD and/or OBSOLETE method(s) found
- S8068254: Method reference uses wrong qualifying type
- S8074696: Remote debugging session hangs for several minutes
when calling findBootType
- S8074935: jdk8 keytool doesn't validate pem files for RFC 1421
correctness, as jdk7 did
- S8078423: [TESTBUG] javax/print/PrintSEUmlauts/PrintSEUmlauts.java
relies on system locale
- S8080492: [Parfait] Uninitialised variable in
jdk/src/java/desktop/windows/native/libawt/
- S8080650: Enable stubs to use frame pointers correctly
- S8122944: perfdata used is seen as too high on sparc zone with
jdk1.9 and causes a test failure
- S8129348: Debugger hangs in trace mode with TRACE_SENDS
- S8129847: Compiling methods generated by Nashorn triggers high
memory usage in C2
- S8130506: javac AssertionError when invoking
MethodHandle.invoke with lambda parameter
- S8130910: hsperfdata file is created in wrong directory and
not cleaned up if /tmp/hsperfdata_<username> has wrong permissions
- S8131129: Attempt to define a duplicate BMH$Species class
- S8131665: Bad exception message in HandshakeHash.getFinishedHash
- S8131782: C1 Class.cast optimization breaks when Class is
loaded from static final
- S8132503: [macosx] Chinese full stop symbol cannot be entered
with Pinyin IM on OS X
- S8133207: ParallelProbes.java test fails after changes for
JDK-8080115
- S8133924: NPE may be thrown when xsltc select a non-existing
node after JDK-8062518
- S8134007: Improve string folding
- S8134759: jdb: Incorrect stepping inside finally block
- S8134963: [Newtest] New stress test for changing the coarseness
level of G1 remembered set
- S8136442: Don't tie Certificate signature algorithms to
ciphersuites
- S8137106: EUDC (End User Defined Characters) are not displayed
on Windows with Java 8u60+
- S8138745: Implement ExitOnOutOfMemory and CrashOnOutOfMemory
in HotSpot
- S8138764: In some cases the usage of TreeLock can be replaced
by other synchronization
- S8139373: [TEST_BUG] java/net/MulticastSocket/MultiDead.java
failed with timeout
- S8139424: SIGSEGV, Problematic frame: # V [libjvm.so+0xd0c0cc]
void InstanceKlass::oop_oop_iterate_oop_maps_specialized<true,oopDesc*,MarkAndPushClosure>
- S8139436: sun.security.mscapi.KeyStore might load incomplete
data
- S8139751: Javac crash with -XDallowStringFolding=false
- S8139863: [TESTBUG] Need to port tests for JDK-8134903 to
8u-dev
- S8139985: JNI exception pending in
jdk/src/jdk/hprof/agent/share/native/libhprof
- S8140031: SA: Searching for a value in Threads does not work
- S8140249: JVM Crashing During startUp If Flight Recording is
enabled
- S8140344: add support for 3 digit update release numbers
- S8140587: Atomic*FieldUpdaters should use Class.isInstance
instead of direct class check
- S8141260: isReachable crash in windows xp
- S8143297: Nashorn compilation time reported in nanoseconds
- S8143397: It looks like InetAddress.isReachable(timeout) works
incorrectly
- S8143855: Bad printf formatting in frame_zero.cpp
- S8143896: java.lang.Long is implicitly converted to double
- S8143963: improve ClassLoader::trace_class_path to accept an
additional outputStream* arg
- S8144020: Remove long as an internal numeric type
- S8144131: ArrayData.getInt implementations do not convert to
int32
- S8144483: One long Safepoint pause directly after each GC log
rotation
- S8144487: PhaseIdealLoop::build_and_optimize() must restore
major_progress flag if skip_loop_opts is true
- S8144885: agent/src/os/linux/libproc.h needs to support
Linux/SPARC builds
- S8144935: C2: safepoint is pruned from a non-counted loop
- S8144937: [TEST_BUG] testlibrary_tests should be excluded for
compact1 and compact2 execution
- S8145017: Add support for 3 digit hotspot minor version numbers
- S8145099: Better error message when SA can't attach to a process
- S8145442: Add the facility to verify remembered sets for G1
- S8145466: javac: No line numbers in compilation error
- S8145539: (coll) AbstractMap.keySet and .values should not be
volatile
- S8145550: Megamorphic invoke should use CompiledFunction
variants without any LinkLogic
- S8145669: apply2call optimized callsite fails after becoming
megamorphic
- S8145722: NullPointerException in javadoc
- S8145754: PhaseIdealLoop::is_scaled_iv_plus_offset() does not
match AddI
- S8146147: Java linker indexed property getter does not work
for computed nashorn string
- S8146566: OpenJDK build can't handle commas in LDFLAGS
- S8146725: Issues with SignatureAndHashAlgorithm.getSupportedAlgorithms
- S8146979: Backport of 8046471 breaks ppc64 build in jdk8u
because 8072383 was badly backported before
- S8147087: Race when reusing PerRegionTable bitmaps may result
in dropped remembered set entries
- S8147630: Wrong test result pushed to 8u-dev
- S8147845: Varargs Array functions still leaking longs
- S8147857: RMIConnector logs attribute names incorrectly
- S8148353: [linux-sparc] Crash in libawt.so on Linux SPARC
- S8150791: 8u76 L10n resource file translation update
* Import of OpenJDK 8 u101 build 13
- S6483657: MSCAPI provider does not create unique alias names
- S6675699: need comprehensive fix for unconstrained ConvI2L
with narrowed type
- S8037557: test SessionCacheSizeTests.java timeout
- S8038837: Add support to jarsigner for specifying timestamp
hash algorithm
- S8081778: Use Intel x64 CPU instructions for RSA acceleration
- S8130150: Implement BigInteger.montgomeryMultiply intrinsic
- S8130735: javax.swing.TimerQueue: timer fires late when
another timer starts
- S8143913: MSCAPI keystore should accept Certificate[] in
setEntry()
- S8144313: Test SessionTimeOutTests can be timeout
- S8146240: Three nashorn files contain 'GNU General Public
License' header
- S8146387: Test SSLSession/SessionCacheSizeTests socket accept
timed out
- S8146669: Test SessionTimeOutTests fails intermittently
- S8146993: Several javax/management/remote/mandatory regression
tests fail after JDK-8138811
- S8147994: [macosx] JScrollPane jitters up/down during trackpad
scrolling on MacOS/Aqua
- S8151522: Disable 8130150 and 8081778 intrinsics by default
- S8151876: (tz) Support tzdata2016d
- S8152098: Fix 8151522 caused test
compiler/intrinsics/squaretolen/TestSquareToLen.java to fail
- S8157077: 8u101 L10n resource file updates
* Backports
- S6260348, PR3066: GTK+ L&F JTextComponent not respecting
desktop caret blink rate
- S6778087, PR1061: getLocationOnScreen() always returns (0, 0)
for mouse wheel events
- S6961123, PR2972: setWMClass fails to null-terminate WM_CLASS
string
- S8008657, PR3077: JSpinner setComponentOrientation doesn't
affect on text orientation
- S8014212, PR2866: Robot captures black screen
- S8029339, PR1061: Custom MultiResolution image support on
HiDPI displays
- S8031145, PR3077: Re-examine closed i18n tests to see it they
can be moved to the jdk repository.
- S8034856, PR3095: gcc warnings compiling
src/solaris/native/sun/security/pkcs11
- S8034857, PR3095: gcc warnings compiling
src/solaris/native/sun/management
- S8035054, PR3095: JarFacade.c should not include ctype.h
- S8035287, PR3095: gcc warnings compiling various libraries
files
- S8038631, PR3077: Create wrapper for awt.Robot with additional
functionality
- S8039279, PR3077: Move awt tests to openjdk repository
- S8041561, PR3077: Inconsistent opacity behaviour between
JCheckBox and JRadioButton
- S8041592, PR3077: [TEST_BUG] Move 42 AWT hw/lw mixing tests
to jdk
- S8041915, PR3077: Move 8 awt tests to OpenJDK regression
tests tree
- S8043126, PR3077: move awt automated functional tests from
AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository
- S8043131, PR3077: Move ShapedAndTranslucentWindows and GC
functional AWT tests to regression tree
- S8044157, PR3077: [TEST_BUG] Improve recently submitted
AWT_Mixing tests
- S8044172, PR3077: [TEST_BUG] Move regtests for 4523758 and
AltPlusNumberKeyCombinationsTest to jdk
- S8044429, PR3077: move awt automated tests for AWT_Modality
to OpenJDK repository
- S8044762, PR2960: com/sun/jdi/OptionTest.java test time out
- S8044765, PR3077: Move functional tests
AWT_SystemTray/Automated to openjdk repository
- S8047180, PR3077: Move functional tests AWT_Headless/Automated
to OpenJDK repository
- S8047367, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 2
- S8048246, PR3077: Move AWT_DnD/Clipboard/Automated functional
tests to OpenJDK
- S8049226, PR2960: com/sun/jdi/OptionTest.java test times out
again
- S8049617, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 3
- S8049694, PR3077: Migrate functional
AWT_DesktopProperties/Automated tests to OpenJDK
- S8050885, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 4
- S8051440, PR3077: move tests about maximizing undecorated to
OpenJDK
- S8052012, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 5
- S8052408, PR3077: Move AWT_BAT functional tests to OpenJDK (3
of 3)
- S8053657, PR3077: [TEST_BUG] move some 5 tests related to
undecorated Frame/JFrame to JDK
- S8054143, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 6
- S8054358, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 7
- S8054359, PR3077: move awt automated tests from AWT_Modality
to OpenJDK repository - part 8
- S8055360, PR3077: Move the rest part of AWT
ShapedAndTranslucent tests to OpenJDK
- S8055664, PR3077: move 14 tests about setLocationRelativeTo
to jdk
- S8055836, PR3077: move awt tests from AWT_Modality to OpenJDK
repository - part 9
- S8056911, PR3077: Remove internal API usage from ExtendedRobot
class
- S8057694, PR3077: move awt tests from AWT_Modality to OpenJDK
repository - part 10
- S8058959, PR1061: closed/java/awt/event/ComponentEvent/MovedResizedTwiceTest/MovedResizedTwiceTest.java
failed automatically
- S8062606, PR3077: Fix a typo in java.awt.Robot class
- S8063102, PR3077: Change open awt regression tests to avoid
sun.awt.SunToolkit.realSync, part 1
- S8063104, PR3077: Change open awt regression tests to avoid
sun.awt.SunToolkit.realSync, part 2
- S8063106, PR3077: Change open swing regression tests to avoid
sun.awt.SunToolkit.realSync, part 1
- S8063107, PR3077: Change open swing regression tests to avoid
sun.awt.SunToolkit.realSync, part 2
- S8064573, PR3077: [TEST_BUG] javax/swing/text/AbstractDocument/6968363/Test6968363.java
is asocial pressing VK_LEFT and not releasing
- S8064575, PR3077: [TEST_BUG] javax/swing/JEditorPane/6917744/bug6917744.java
100 times press keys and never releases
- S8064809, PR3077: [TEST_BUG] javax/swing/JComboBox/4199622/bug4199622.java
contains a lot of keyPress and not a single keyRelease
- S8067441, PR3077: Some tests fails with error: cannot find symbol
getSystemMnemonicKeyCodes()
- S8068228, PR3077: Test closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest
fails with GTKLookAndFeel
- S8069361, PR1061: SunGraphics2D.getDefaultTransform() does not
include scale factor
- S8073320, PR1061: Windows HiDPI Graphics support
- S8074807, PR3077: Fix some tests unnecessary using internal API
- S8076315, PR3077: move 4 manual functional swing tests to
regression suite
- S8078504, PR3094: Zero lacks declaration of
VM_Version::initialize()
- S8129822, PR3077: Define 'headful' jtreg keyword
- S8132123, PR1061: MultiResolutionCachedImage unnecessarily
creates base image to get its size
- S8133539, PR1061: [TEST_BUG] Split
java/awt/image/MultiResolutionImageTest.java in two to allow
restricted access
- S8137571, PR1061: Linux HiDPI Graphics support
- S8142406, PR1061: [TEST] MultiResolution image: need test to
cover the case when @2x image is corrupted
- S8145188, PR2945: No LocalVariableTable generated for the
entire JDK
- S8150258, PR1061: [TEST] HiDPI: create a test for
multiresolution menu items icons
- S8150724, PR1061: [TEST] HiDPI: create a test for
multiresolution icons
- S8150844, PR1061: [hidpi] [macosx] -Dsun.java2d.uiScale should
be taken into account for OS X
- S8151841, PR2882: Build needs additional flags to compile with
GCC 6 [plus parts of 8149647 & 8032045]
- S8155613, PR1061: [PIT] crash in
AWT_Desktop/Automated/Exceptions/BasicTest
- S8156020, PR1061: 8145547 breaks AIX and and uses RTLD_NOLOAD
incorrectly
- S8156128, PR1061: Tests for [AWT/Swing] Conditional support
for GTK 3 on Linux
- S8158260, PR2991, RH1341258: PPC64: unaligned Unsafe.getInt
can lead to the generation of illegal instructions (bsc#988651)
- S8159244, PR3074: Partially initialized string object created
by C2's string concat optimization may escape
- S8159690, PR3077: [TESTBUG] Mark headful tests with @key
headful.
- S8160294, PR2882, PR3095: Some client libraries cannot be
built with GCC 6
* Bug fixes
- PR1958: GTKLookAndFeel does not honor
gtk-alternative-button-order
- PR2822: Feed LIBS & CFLAGS into configure rather than make to
avoid re-discovery by OpenJDK configure
- PR2932: Support ccache in a non-automagic manner
- PR2933: Support ccache 3.2 and later
- PR2964: Set system defaults based on OS
- PR2974, RH1337583: PKCS#10 certificate requests now use CRLF
line endings rather than system line endings
- PR3078: Remove duplicated line dating back to 6788347 and
6894807
- PR3083, RH1346460: Regression in SSL debug output without an
ECC provider
- PR3089: Remove old memory limits patch
- PR3090, RH1204159: SystemTap is heavily confused by multiple
JDKs
- PR3095: Fix warnings in URLClassPath.c
- PR3096: Remove dead --disable-optimizations option
- PR3105: Use version from hotspot.map to create tarball filename
- PR3106: Handle both correctly-spelt property
'enableCustomValueHandler' introduced by S8079718 and typo
version
- PR3108: Shenandoah patches not included in release tarball
- PR3110: Update hotspot.map documentation in INSTALL
* AArch64 port
- S8145320, PR3078: Create unsafe_arraycopy and
generic_arraycopy for AArch64
- S8148328, PR3078: aarch64: redundant lsr instructions in stub
code.
- S8148783, PR3078: aarch64: SEGV running SpecJBB2013
- S8148948, PR3078: aarch64: generate_copy_longs calls align()
incorrectly
- S8149080, PR3078: AArch64: Recognise disjoint array copy in
stub code
- S8149365, PR3078: aarch64: memory copy does not prefetch on
backwards copy
- S8149907, PR3078: aarch64: use load/store pair instructions
in call_stub
- S8150038, PR3078: aarch64: make use of CBZ and CBNZ when
comparing narrow pointer with zero
- S8150045, PR3078: arraycopy causes segfaults in SATB during
garbage collection
- S8150082, PR3078: aarch64: optimise small array copy
- S8150229, PR3078: aarch64: pipeline class for several
instructions is not set correctly
- S8150313, PR3078: aarch64: optimise array copy using SIMD
instructions
- S8150394, PR3078: aarch64: add support for 8.1 LSE CAS
instructions
- S8151340, PR3078: aarch64: prefetch the destination word for
write prior to ldxr/stxr loops.
- S8151502, PR3078: optimize pd_disjoint_words and
pd_conjoint_words
- S8151775, PR3078: aarch64: add support for 8.1 LSE atomic
operations
- S8152537, PR3078: aarch64: Make use of CBZ and CBNZ when
comparing unsigned values with zero.
- S8152840, PR3078: aarch64: improve _unsafe_arraycopy stub
routine
- S8153713, PR3078: aarch64: improve short array clearing using
store pair
- S8153797, PR3078: aarch64: Add Arrays.fill stub code
- S8154537, PR3078: AArch64: some integer rotate instructions
are never emitted
- S8154739, PR3078: AArch64: TemplateTable::fast_xaccess loads
in wrong mode
- S8155015, PR3078: Aarch64: bad assert in spill generation
code
- S8155100, PR3078: AArch64: Relax alignment requirement for
byte_map_base
- S8155612, PR3078: Aarch64: vector nodes need to support
misaligned offset
- S8155617, PR3078: aarch64: ClearArray does not use DC ZVA
- S8155653, PR3078: TestVectorUnalignedOffset.java not pushed
with 8155612
- S8156731, PR3078: aarch64: java/util/Arrays/Correct.java fails
due to _generic_arraycopy stub routine
- S8157841, PR3078: aarch64: prefetch ignores cache line size
- S8157906, PR3078: aarch64: some more integer rotate
instructions are never emitted
- S8158913, PR3078: aarch64: SEGV running Spark terasort
- S8159052, PR3078: aarch64: optimise unaligned copies in
pd_disjoint_words and pd_conjoint_words
- S8159063, PR3078: aarch64: optimise unaligned array copy long
- PR3078: Cleanup remaining differences from aarch64/jdk8u tree
- Fix script linking /usr/share/javazi/tzdb.dat for platform where
it applies (bsc#987895)
- Fix aarch64 running with 48 bits va space (bsc#984684)
avoid some crashes
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2016-1187,SUSE-SLE-SERVER-12-SP1-2016-1187
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for java-1_8_0-openjdk fixes the following issues:\n\n- Upgrade to version jdk8u101 (icedtea 3.1.0)\n- New in release 3.1.0 (2016-07-25):\n * Security fixes\n - S8079718, CVE-2016-3458: IIOP Input Stream Hooking\n (bsc#989732)\n - S8145446, CVE-2016-3485: Perfect pipe placement (Windows\n only) (bsc#989734)\n - S8146514: Enforce GCM limits\n - S8147771: Construction of static protection domains under\n Javax custom policy\n - S8148872, CVE-2016-3500: Complete name checking (bsc#989730)\n - S8149070: Enforce update ordering\n - S8149962, CVE-2016-3508: Better delineation of XML processing\n (bsc#989731)\n - S8150752: Share Class Data\n - S8151925: Font reference improvements\n - S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)\n - S8153312: Constrain AppCDS behavior\n - S8154475, CVE-2016-3587: Clean up lookup visibility\n (bsc#989721)\n - S8155981, CVE-2016-3606: Bolster bytecode verification\n (bsc#989722)\n - S8155985, CVE-2016-3598: Persistent Parameter Processing\n (bsc#989723)\n - S8158571, CVE-2016-3610: Additional method handle validation\n (bsc#989725)\n - CVE-2016-3552 (bsc#989726)\n - CVE-2016-3511 (bsc#989727)\n - CVE-2016-3503 (bsc#989728)\n - CVE-2016-3498 (bsc#989729)\n * New features\n - S8145547, PR1061: [AWT/Swing] Conditional support for GTK 3\n on Linux\n - PR2821: Support building OpenJDK with --disable-headful\n - PR2931, G478960: Provide Infinality Support via fontconfig\n - PR3079: Provide option to build Shenandoah on x86_64\n * Import of OpenJDK 8 u92 build 14\n - S6869327: Add new C2 flag to keep safepoints in counted\n loops.\n - S8022865: [TESTBUG] Compressed Oops testing needs to be\n revised\n - S8029630: Thread id should be displayed as a hex number in\n error report\n - S8029726: On OS X some dtrace probe names are mismatched with\n Solaris\n - S8029727: On OS X dtrace probes\n Call\u003ctype\u003eMethodA/Call\u003ctype\u003eMethodV are not fired.\n - S8029728: On OS X dtrace probes SetStaticBooleanField are not\n fired\n - S8038184: XMLSignature throws StringIndexOutOfBoundsException\n if ID attribute value is empty String\n - S8038349: Signing XML with DSA throws Exception when key is\n larger than 1024 bits\n - S8041501: ImageIO reader is not capable of reading JPEGs\n without JFIF header\n - S8041900: [macosx] Java forces the use of discrete GPU\n - S8044363: Remove special build options for unpack200 executable\n - S8046471: Use OPENJDK_TARGET_CPU_ARCH instead of legacy value\n for hotspot ARCH\n - S8046611: Build errors with gcc on sparc/fastdebug\n - S8047763: Recognize sparc64 as a sparc platform\n - S8048232: Fix for 8046471 breaks PPC64 build\n - S8052396: Catch exceptions resulting from missing font cmap\n - S8058563: InstanceKlass::_dependencies list isn\u0027t cleared from\n empty nmethodBucket entries\n - S8061624: [TESTBUG] Some tests cannot be ran under compact\n profiles and therefore shall be excluded\n - S8062901: Iterators is spelled incorrectly in the Javadoc for\n Spliterator\n - S8064330: Remove SHA224 from the default support list if\n SunMSCAPI enabled\n - S8065579: WB method to start G1 concurrent mark cycle should\n be introduced\n - S8065986: Compiler fails to NullPointerException when calling\n super with Object\u003c\u003e()\n - S8066974: Compiler doesn\u0027t infer method\u0027s generic type\n information in lambda body\n - S8067800: Clarify java.time.chrono.Chronology.isLeapYear for\n out of range years\n - S8068033: JNI exception pending in jdk/src/share/bin/java.c\n - S8068042: Check jdk/src/share/native/sun/misc/URLClassPath.c\n for JNI pending\n - S8068162: jvmtiRedefineClasses.cpp: guarantee(false) failed:\n OLD and/or OBSOLETE method(s) found\n - S8068254: Method reference uses wrong qualifying type\n - S8074696: Remote debugging session hangs for several minutes\n when calling findBootType\n - S8074935: jdk8 keytool doesn\u0027t validate pem files for RFC 1421\n correctness, as jdk7 did\n - S8078423: [TESTBUG] javax/print/PrintSEUmlauts/PrintSEUmlauts.java\n relies on system locale\n - S8080492: [Parfait] Uninitialised variable in\n jdk/src/java/desktop/windows/native/libawt/\n - S8080650: Enable stubs to use frame pointers correctly\n - S8122944: perfdata used is seen as too high on sparc zone with\n jdk1.9 and causes a test failure\n - S8129348: Debugger hangs in trace mode with TRACE_SENDS\n - S8129847: Compiling methods generated by Nashorn triggers high\n memory usage in C2\n - S8130506: javac AssertionError when invoking\n MethodHandle.invoke with lambda parameter\n - S8130910: hsperfdata file is created in wrong directory and\n not cleaned up if /tmp/hsperfdata_\u003cusername\u003e has wrong permissions\n - S8131129: Attempt to define a duplicate BMH$Species class\n - S8131665: Bad exception message in HandshakeHash.getFinishedHash\n - S8131782: C1 Class.cast optimization breaks when Class is\n loaded from static final\n - S8132503: [macosx] Chinese full stop symbol cannot be entered\n with Pinyin IM on OS X\n - S8133207: ParallelProbes.java test fails after changes for\n JDK-8080115\n - S8133924: NPE may be thrown when xsltc select a non-existing\n node after JDK-8062518\n - S8134007: Improve string folding\n - S8134759: jdb: Incorrect stepping inside finally block\n - S8134963: [Newtest] New stress test for changing the coarseness\n level of G1 remembered set\n - S8136442: Don\u0027t tie Certificate signature algorithms to\n ciphersuites\n - S8137106: EUDC (End User Defined Characters) are not displayed\n on Windows with Java 8u60+\n - S8138745: Implement ExitOnOutOfMemory and CrashOnOutOfMemory\n in HotSpot\n - S8138764: In some cases the usage of TreeLock can be replaced\n by other synchronization\n - S8139373: [TEST_BUG] java/net/MulticastSocket/MultiDead.java\n failed with timeout\n - S8139424: SIGSEGV, Problematic frame: # V [libjvm.so+0xd0c0cc]\n void InstanceKlass::oop_oop_iterate_oop_maps_specialized\u003ctrue,oopDesc*,MarkAndPushClosure\u003e\n - S8139436: sun.security.mscapi.KeyStore might load incomplete\n data\n - S8139751: Javac crash with -XDallowStringFolding=false\n - S8139863: [TESTBUG] Need to port tests for JDK-8134903 to\n 8u-dev\n - S8139985: JNI exception pending in\n jdk/src/jdk/hprof/agent/share/native/libhprof\n - S8140031: SA: Searching for a value in Threads does not work\n - S8140249: JVM Crashing During startUp If Flight Recording is\n enabled\n - S8140344: add support for 3 digit update release numbers\n - S8140587: Atomic*FieldUpdaters should use Class.isInstance\n instead of direct class check\n - S8141260: isReachable crash in windows xp\n - S8143297: Nashorn compilation time reported in nanoseconds\n - S8143397: It looks like InetAddress.isReachable(timeout) works\n incorrectly\n - S8143855: Bad printf formatting in frame_zero.cpp\n - S8143896: java.lang.Long is implicitly converted to double\n - S8143963: improve ClassLoader::trace_class_path to accept an\n additional outputStream* arg\n - S8144020: Remove long as an internal numeric type\n - S8144131: ArrayData.getInt implementations do not convert to\n int32\n - S8144483: One long Safepoint pause directly after each GC log\n rotation\n - S8144487: PhaseIdealLoop::build_and_optimize() must restore\n major_progress flag if skip_loop_opts is true\n - S8144885: agent/src/os/linux/libproc.h needs to support\n Linux/SPARC builds\n - S8144935: C2: safepoint is pruned from a non-counted loop\n - S8144937: [TEST_BUG] testlibrary_tests should be excluded for\n compact1 and compact2 execution\n - S8145017: Add support for 3 digit hotspot minor version numbers\n - S8145099: Better error message when SA can\u0027t attach to a process\n - S8145442: Add the facility to verify remembered sets for G1\n - S8145466: javac: No line numbers in compilation error\n - S8145539: (coll) AbstractMap.keySet and .values should not be\n volatile\n - S8145550: Megamorphic invoke should use CompiledFunction\n variants without any LinkLogic\n - S8145669: apply2call optimized callsite fails after becoming\n megamorphic\n - S8145722: NullPointerException in javadoc\n - S8145754: PhaseIdealLoop::is_scaled_iv_plus_offset() does not\n match AddI\n - S8146147: Java linker indexed property getter does not work\n for computed nashorn string\n - S8146566: OpenJDK build can\u0027t handle commas in LDFLAGS\n - S8146725: Issues with SignatureAndHashAlgorithm.getSupportedAlgorithms\n - S8146979: Backport of 8046471 breaks ppc64 build in jdk8u\n because 8072383 was badly backported before\n - S8147087: Race when reusing PerRegionTable bitmaps may result\n in dropped remembered set entries\n - S8147630: Wrong test result pushed to 8u-dev\n - S8147845: Varargs Array functions still leaking longs\n - S8147857: RMIConnector logs attribute names incorrectly\n - S8148353: [linux-sparc] Crash in libawt.so on Linux SPARC\n - S8150791: 8u76 L10n resource file translation update\n * Import of OpenJDK 8 u101 build 13\n - S6483657: MSCAPI provider does not create unique alias names\n - S6675699: need comprehensive fix for unconstrained ConvI2L\n with narrowed type\n - S8037557: test SessionCacheSizeTests.java timeout\n - S8038837: Add support to jarsigner for specifying timestamp\n hash algorithm\n - S8081778: Use Intel x64 CPU instructions for RSA acceleration\n - S8130150: Implement BigInteger.montgomeryMultiply intrinsic\n - S8130735: javax.swing.TimerQueue: timer fires late when\n another timer starts\n - S8143913: MSCAPI keystore should accept Certificate[] in\n setEntry()\n - S8144313: Test SessionTimeOutTests can be timeout\n - S8146240: Three nashorn files contain \u0027GNU General Public\n License\u0027 header\n - S8146387: Test SSLSession/SessionCacheSizeTests socket accept\n timed out\n - S8146669: Test SessionTimeOutTests fails intermittently\n - S8146993: Several javax/management/remote/mandatory regression\n tests fail after JDK-8138811\n - S8147994: [macosx] JScrollPane jitters up/down during trackpad\n scrolling on MacOS/Aqua\n - S8151522: Disable 8130150 and 8081778 intrinsics by default\n - S8151876: (tz) Support tzdata2016d\n - S8152098: Fix 8151522 caused test\n compiler/intrinsics/squaretolen/TestSquareToLen.java to fail\n - S8157077: 8u101 L10n resource file updates\n * Backports\n - S6260348, PR3066: GTK+ L\u0026F JTextComponent not respecting\n desktop caret blink rate\n - S6778087, PR1061: getLocationOnScreen() always returns (0, 0)\n for mouse wheel events\n - S6961123, PR2972: setWMClass fails to null-terminate WM_CLASS\n string\n - S8008657, PR3077: JSpinner setComponentOrientation doesn\u0027t\n affect on text orientation\n - S8014212, PR2866: Robot captures black screen\n - S8029339, PR1061: Custom MultiResolution image support on\n HiDPI displays\n - S8031145, PR3077: Re-examine closed i18n tests to see it they\n can be moved to the jdk repository.\n - S8034856, PR3095: gcc warnings compiling\n src/solaris/native/sun/security/pkcs11\n - S8034857, PR3095: gcc warnings compiling\n src/solaris/native/sun/management\n - S8035054, PR3095: JarFacade.c should not include ctype.h\n - S8035287, PR3095: gcc warnings compiling various libraries\n files\n - S8038631, PR3077: Create wrapper for awt.Robot with additional\n functionality\n - S8039279, PR3077: Move awt tests to openjdk repository\n - S8041561, PR3077: Inconsistent opacity behaviour between\n JCheckBox and JRadioButton\n - S8041592, PR3077: [TEST_BUG] Move 42 AWT hw/lw mixing tests\n to jdk\n - S8041915, PR3077: Move 8 awt tests to OpenJDK regression\n tests tree\n - S8043126, PR3077: move awt automated functional tests from\n AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository\n - S8043131, PR3077: Move ShapedAndTranslucentWindows and GC\n functional AWT tests to regression tree\n - S8044157, PR3077: [TEST_BUG] Improve recently submitted\n AWT_Mixing tests\n - S8044172, PR3077: [TEST_BUG] Move regtests for 4523758 and\n AltPlusNumberKeyCombinationsTest to jdk\n - S8044429, PR3077: move awt automated tests for AWT_Modality\n to OpenJDK repository\n - S8044762, PR2960: com/sun/jdi/OptionTest.java test time out\n - S8044765, PR3077: Move functional tests\n AWT_SystemTray/Automated to openjdk repository\n - S8047180, PR3077: Move functional tests AWT_Headless/Automated\n to OpenJDK repository\n - S8047367, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 2\n - S8048246, PR3077: Move AWT_DnD/Clipboard/Automated functional\n tests to OpenJDK\n - S8049226, PR2960: com/sun/jdi/OptionTest.java test times out\n again\n - S8049617, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 3\n - S8049694, PR3077: Migrate functional\n AWT_DesktopProperties/Automated tests to OpenJDK\n - S8050885, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 4\n - S8051440, PR3077: move tests about maximizing undecorated to\n OpenJDK\n - S8052012, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 5\n - S8052408, PR3077: Move AWT_BAT functional tests to OpenJDK (3\n of 3)\n - S8053657, PR3077: [TEST_BUG] move some 5 tests related to\n undecorated Frame/JFrame to JDK\n - S8054143, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 6\n - S8054358, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 7\n - S8054359, PR3077: move awt automated tests from AWT_Modality\n to OpenJDK repository - part 8\n - S8055360, PR3077: Move the rest part of AWT\n ShapedAndTranslucent tests to OpenJDK\n - S8055664, PR3077: move 14 tests about setLocationRelativeTo\n to jdk\n - S8055836, PR3077: move awt tests from AWT_Modality to OpenJDK\n repository - part 9\n - S8056911, PR3077: Remove internal API usage from ExtendedRobot\n class\n - S8057694, PR3077: move awt tests from AWT_Modality to OpenJDK\n repository - part 10\n - S8058959, PR1061: closed/java/awt/event/ComponentEvent/MovedResizedTwiceTest/MovedResizedTwiceTest.java\n failed automatically\n - S8062606, PR3077: Fix a typo in java.awt.Robot class\n - S8063102, PR3077: Change open awt regression tests to avoid\n sun.awt.SunToolkit.realSync, part 1\n - S8063104, PR3077: Change open awt regression tests to avoid\n sun.awt.SunToolkit.realSync, part 2\n - S8063106, PR3077: Change open swing regression tests to avoid\n sun.awt.SunToolkit.realSync, part 1\n - S8063107, PR3077: Change open swing regression tests to avoid\n sun.awt.SunToolkit.realSync, part 2\n - S8064573, PR3077: [TEST_BUG] javax/swing/text/AbstractDocument/6968363/Test6968363.java\n is asocial pressing VK_LEFT and not releasing\n - S8064575, PR3077: [TEST_BUG] javax/swing/JEditorPane/6917744/bug6917744.java\n 100 times press keys and never releases\n - S8064809, PR3077: [TEST_BUG] javax/swing/JComboBox/4199622/bug4199622.java\n contains a lot of keyPress and not a single keyRelease\n - S8067441, PR3077: Some tests fails with error: cannot find symbol\n getSystemMnemonicKeyCodes()\n - S8068228, PR3077: Test closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest\n fails with GTKLookAndFeel\n - S8069361, PR1061: SunGraphics2D.getDefaultTransform() does not\n include scale factor\n - S8073320, PR1061: Windows HiDPI Graphics support\n - S8074807, PR3077: Fix some tests unnecessary using internal API\n - S8076315, PR3077: move 4 manual functional swing tests to\n regression suite\n - S8078504, PR3094: Zero lacks declaration of\n VM_Version::initialize()\n - S8129822, PR3077: Define \u0027headful\u0027 jtreg keyword\n - S8132123, PR1061: MultiResolutionCachedImage unnecessarily\n creates base image to get its size\n - S8133539, PR1061: [TEST_BUG] Split\n java/awt/image/MultiResolutionImageTest.java in two to allow\n restricted access\n - S8137571, PR1061: Linux HiDPI Graphics support\n - S8142406, PR1061: [TEST] MultiResolution image: need test to\n cover the case when @2x image is corrupted\n - S8145188, PR2945: No LocalVariableTable generated for the\n entire JDK\n - S8150258, PR1061: [TEST] HiDPI: create a test for\n multiresolution menu items icons\n - S8150724, PR1061: [TEST] HiDPI: create a test for\n multiresolution icons\n - S8150844, PR1061: [hidpi] [macosx] -Dsun.java2d.uiScale should\n be taken into account for OS X\n - S8151841, PR2882: Build needs additional flags to compile with\n GCC 6 [plus parts of 8149647 \u0026 8032045]\n - S8155613, PR1061: [PIT] crash in\n AWT_Desktop/Automated/Exceptions/BasicTest\n - S8156020, PR1061: 8145547 breaks AIX and and uses RTLD_NOLOAD\n incorrectly\n - S8156128, PR1061: Tests for [AWT/Swing] Conditional support\n for GTK 3 on Linux\n - S8158260, PR2991, RH1341258: PPC64: unaligned Unsafe.getInt\n can lead to the generation of illegal instructions (bsc#988651)\n - S8159244, PR3074: Partially initialized string object created\n by C2\u0027s string concat optimization may escape\n - S8159690, PR3077: [TESTBUG] Mark headful tests with @key\n headful.\n - S8160294, PR2882, PR3095: Some client libraries cannot be\n built with GCC 6\n * Bug fixes\n - PR1958: GTKLookAndFeel does not honor\n gtk-alternative-button-order\n - PR2822: Feed LIBS \u0026 CFLAGS into configure rather than make to\n avoid re-discovery by OpenJDK configure\n - PR2932: Support ccache in a non-automagic manner\n - PR2933: Support ccache 3.2 and later\n - PR2964: Set system defaults based on OS\n - PR2974, RH1337583: PKCS#10 certificate requests now use CRLF\n line endings rather than system line endings\n - PR3078: Remove duplicated line dating back to 6788347 and\n 6894807\n - PR3083, RH1346460: Regression in SSL debug output without an\n ECC provider\n - PR3089: Remove old memory limits patch\n - PR3090, RH1204159: SystemTap is heavily confused by multiple\n JDKs\n - PR3095: Fix warnings in URLClassPath.c\n - PR3096: Remove dead --disable-optimizations option\n - PR3105: Use version from hotspot.map to create tarball filename\n - PR3106: Handle both correctly-spelt property\n \u0027enableCustomValueHandler\u0027 introduced by S8079718 and typo\n version\n - PR3108: Shenandoah patches not included in release tarball\n - PR3110: Update hotspot.map documentation in INSTALL\n * AArch64 port\n - S8145320, PR3078: Create unsafe_arraycopy and\n generic_arraycopy for AArch64\n - S8148328, PR3078: aarch64: redundant lsr instructions in stub\n code.\n - S8148783, PR3078: aarch64: SEGV running SpecJBB2013\n - S8148948, PR3078: aarch64: generate_copy_longs calls align()\n incorrectly\n - S8149080, PR3078: AArch64: Recognise disjoint array copy in\n stub code\n - S8149365, PR3078: aarch64: memory copy does not prefetch on\n backwards copy\n - S8149907, PR3078: aarch64: use load/store pair instructions\n in call_stub\n - S8150038, PR3078: aarch64: make use of CBZ and CBNZ when\n comparing narrow pointer with zero\n - S8150045, PR3078: arraycopy causes segfaults in SATB during\n garbage collection\n - S8150082, PR3078: aarch64: optimise small array copy\n - S8150229, PR3078: aarch64: pipeline class for several\n instructions is not set correctly\n - S8150313, PR3078: aarch64: optimise array copy using SIMD\n instructions\n - S8150394, PR3078: aarch64: add support for 8.1 LSE CAS\n instructions\n - S8151340, PR3078: aarch64: prefetch the destination word for\n write prior to ldxr/stxr loops.\n - S8151502, PR3078: optimize pd_disjoint_words and\n pd_conjoint_words\n - S8151775, PR3078: aarch64: add support for 8.1 LSE atomic\n operations\n - S8152537, PR3078: aarch64: Make use of CBZ and CBNZ when\n comparing unsigned values with zero.\n - S8152840, PR3078: aarch64: improve _unsafe_arraycopy stub\n routine\n - S8153713, PR3078: aarch64: improve short array clearing using\n store pair\n - S8153797, PR3078: aarch64: Add Arrays.fill stub code\n - S8154537, PR3078: AArch64: some integer rotate instructions\n are never emitted\n - S8154739, PR3078: AArch64: TemplateTable::fast_xaccess loads\n in wrong mode\n - S8155015, PR3078: Aarch64: bad assert in spill generation\n code\n - S8155100, PR3078: AArch64: Relax alignment requirement for\n byte_map_base\n - S8155612, PR3078: Aarch64: vector nodes need to support\n misaligned offset\n - S8155617, PR3078: aarch64: ClearArray does not use DC ZVA\n - S8155653, PR3078: TestVectorUnalignedOffset.java not pushed\n with 8155612\n - S8156731, PR3078: aarch64: java/util/Arrays/Correct.java fails\n due to _generic_arraycopy stub routine\n - S8157841, PR3078: aarch64: prefetch ignores cache line size\n - S8157906, PR3078: aarch64: some more integer rotate\n instructions are never emitted\n - S8158913, PR3078: aarch64: SEGV running Spark terasort\n - S8159052, PR3078: aarch64: optimise unaligned copies in\n pd_disjoint_words and pd_conjoint_words\n - S8159063, PR3078: aarch64: optimise unaligned array copy long\n - PR3078: Cleanup remaining differences from aarch64/jdk8u tree\n- Fix script linking /usr/share/javazi/tzdb.dat for platform where\n it applies (bsc#987895)\n\n- Fix aarch64 running with 48 bits va space (bsc#984684)\n\n avoid some crashes\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-1187,SUSE-SLE-SERVER-12-SP1-2016-1187",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2012-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2012-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162012-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2012-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002198.html"
},
{
"category": "self",
"summary": "SUSE Bug 984684",
"url": "https://bugzilla.suse.com/984684"
},
{
"category": "self",
"summary": "SUSE Bug 987895",
"url": "https://bugzilla.suse.com/987895"
},
{
"category": "self",
"summary": "SUSE Bug 988651",
"url": "https://bugzilla.suse.com/988651"
},
{
"category": "self",
"summary": "SUSE Bug 989721",
"url": "https://bugzilla.suse.com/989721"
},
{
"category": "self",
"summary": "SUSE Bug 989722",
"url": "https://bugzilla.suse.com/989722"
},
{
"category": "self",
"summary": "SUSE Bug 989723",
"url": "https://bugzilla.suse.com/989723"
},
{
"category": "self",
"summary": "SUSE Bug 989725",
"url": "https://bugzilla.suse.com/989725"
},
{
"category": "self",
"summary": "SUSE Bug 989726",
"url": "https://bugzilla.suse.com/989726"
},
{
"category": "self",
"summary": "SUSE Bug 989727",
"url": "https://bugzilla.suse.com/989727"
},
{
"category": "self",
"summary": "SUSE Bug 989728",
"url": "https://bugzilla.suse.com/989728"
},
{
"category": "self",
"summary": "SUSE Bug 989729",
"url": "https://bugzilla.suse.com/989729"
},
{
"category": "self",
"summary": "SUSE Bug 989730",
"url": "https://bugzilla.suse.com/989730"
},
{
"category": "self",
"summary": "SUSE Bug 989731",
"url": "https://bugzilla.suse.com/989731"
},
{
"category": "self",
"summary": "SUSE Bug 989732",
"url": "https://bugzilla.suse.com/989732"
},
{
"category": "self",
"summary": "SUSE Bug 989733",
"url": "https://bugzilla.suse.com/989733"
},
{
"category": "self",
"summary": "SUSE Bug 989734",
"url": "https://bugzilla.suse.com/989734"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3458 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3485 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3500 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3503 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3508 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3511 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3550 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3552 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3587 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3598 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3606 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3610 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3610/"
}
],
"title": "Security update for java-1_8_0-openjdk",
"tracking": {
"current_release_date": "2016-08-09T11:33:15Z",
"generator": {
"date": "2016-08-09T11:33:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2012-1",
"initial_release_date": "2016-08-09T11:33:15Z",
"revision_history": [
{
"date": "2016-08-09T11:33:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"product_id": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"product_id": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"product_id": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-3458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3458"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3458",
"url": "https://www.suse.com/security/cve/CVE-2016-3458"
},
{
"category": "external",
"summary": "SUSE Bug 989732 for CVE-2016-3458",
"url": "https://bugzilla.suse.com/989732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3458"
},
{
"cve": "CVE-2016-3485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3485"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3485",
"url": "https://www.suse.com/security/cve/CVE-2016-3485"
},
{
"category": "external",
"summary": "SUSE Bug 1009280 for CVE-2016-3485",
"url": "https://bugzilla.suse.com/1009280"
},
{
"category": "external",
"summary": "SUSE Bug 989734 for CVE-2016-3485",
"url": "https://bugzilla.suse.com/989734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "low"
}
],
"title": "CVE-2016-3485"
},
{
"cve": "CVE-2016-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3498"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3498",
"url": "https://www.suse.com/security/cve/CVE-2016-3498"
},
{
"category": "external",
"summary": "SUSE Bug 989729 for CVE-2016-3498",
"url": "https://bugzilla.suse.com/989729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3498"
},
{
"cve": "CVE-2016-3500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3500"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3500",
"url": "https://www.suse.com/security/cve/CVE-2016-3500"
},
{
"category": "external",
"summary": "SUSE Bug 989730 for CVE-2016-3500",
"url": "https://bugzilla.suse.com/989730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3500"
},
{
"cve": "CVE-2016-3503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3503"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3503",
"url": "https://www.suse.com/security/cve/CVE-2016-3503"
},
{
"category": "external",
"summary": "SUSE Bug 989728 for CVE-2016-3503",
"url": "https://bugzilla.suse.com/989728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3503"
},
{
"cve": "CVE-2016-3508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3508"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3508",
"url": "https://www.suse.com/security/cve/CVE-2016-3508"
},
{
"category": "external",
"summary": "SUSE Bug 989731 for CVE-2016-3508",
"url": "https://bugzilla.suse.com/989731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3508"
},
{
"cve": "CVE-2016-3511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3511"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3511",
"url": "https://www.suse.com/security/cve/CVE-2016-3511"
},
{
"category": "external",
"summary": "SUSE Bug 1009280 for CVE-2016-3511",
"url": "https://bugzilla.suse.com/1009280"
},
{
"category": "external",
"summary": "SUSE Bug 989727 for CVE-2016-3511",
"url": "https://bugzilla.suse.com/989727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3511"
},
{
"cve": "CVE-2016-3550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3550"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3550",
"url": "https://www.suse.com/security/cve/CVE-2016-3550"
},
{
"category": "external",
"summary": "SUSE Bug 989733 for CVE-2016-3550",
"url": "https://bugzilla.suse.com/989733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3550"
},
{
"cve": "CVE-2016-3552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3552"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3552",
"url": "https://www.suse.com/security/cve/CVE-2016-3552"
},
{
"category": "external",
"summary": "SUSE Bug 989726 for CVE-2016-3552",
"url": "https://bugzilla.suse.com/989726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-3552"
},
{
"cve": "CVE-2016-3587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3587"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3587",
"url": "https://www.suse.com/security/cve/CVE-2016-3587"
},
{
"category": "external",
"summary": "SUSE Bug 989721 for CVE-2016-3587",
"url": "https://bugzilla.suse.com/989721"
},
{
"category": "external",
"summary": "SUSE Bug 998845 for CVE-2016-3587",
"url": "https://bugzilla.suse.com/998845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "important"
}
],
"title": "CVE-2016-3587"
},
{
"cve": "CVE-2016-3598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3598"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3598",
"url": "https://www.suse.com/security/cve/CVE-2016-3598"
},
{
"category": "external",
"summary": "SUSE Bug 1009280 for CVE-2016-3598",
"url": "https://bugzilla.suse.com/1009280"
},
{
"category": "external",
"summary": "SUSE Bug 989723 for CVE-2016-3598",
"url": "https://bugzilla.suse.com/989723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "important"
}
],
"title": "CVE-2016-3598"
},
{
"cve": "CVE-2016-3606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3606"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3606",
"url": "https://www.suse.com/security/cve/CVE-2016-3606"
},
{
"category": "external",
"summary": "SUSE Bug 989722 for CVE-2016-3606",
"url": "https://bugzilla.suse.com/989722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "important"
}
],
"title": "CVE-2016-3606"
},
{
"cve": "CVE-2016-3610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3610"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3610",
"url": "https://www.suse.com/security/cve/CVE-2016-3610"
},
{
"category": "external",
"summary": "SUSE Bug 989725 for CVE-2016-3610",
"url": "https://bugzilla.suse.com/989725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-demo-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-devel-1.8.0.101-14.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-openjdk-headless-1.8.0.101-14.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:33:15Z",
"details": "important"
}
],
"title": "CVE-2016-3610"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…