This update for java-1_7_0-openjdk fixes the following issues :
Oracle Critical Patch Update of January 2017 to OpenJDK 7u131 (bsc#1020905) :
Security Fixes
S8138725: Add options for Javadoc generation
S8140353: Improve signature checking
S8151934, CVE-2017-3231: Resolve class resolution
S8156804, CVE-2017-3241: Better constraint checking
S8158406: Limited Parameter Processing
S8158997: JNDI Protocols Switch
S8159507: RuntimeVisibleAnnotation validation
S8161218: Better bytecode loading
S8161743, CVE-2017-3252: Provide proper login context
S8162577: Standardize logging levels
S8162973: Better component components
S8164143, CVE-2017-3260: Improve components for menu items
S8164147, CVE-2017-3261: Improve streaming socket output
S8165071, CVE-2016-2183: Expand TLS support
S8165344, CVE-2017-3272: Update concurrency support
S8166988, CVE-2017-3253: Improve image processing performance
S8167104, CVE-2017-3289: Additional class construction refinements
S8167223, CVE-2016-5552: URL handling improvements
S8168705, CVE-2016-5547: Better ObjectIdentifier validation
S8168714, CVE-2016-5546: Tighten ECDSA validation
S8168728, CVE-2016-5548: DSA signing improvments
S8168724, CVE-2016-5549: ECDSA signing improvments
S6253144: Long narrowing conversion should describe the algorithm used and implied ‘risks’
S6328537: Improve javadocs for Socket class by adding references to SocketOptions
S6978886: javadoc shows stacktrace after print error resulting from disk full
S6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
S6996372: synchronizing handshaking hash
S7027045: (doc) java/awt/Window.java has several typos in javadoc
S7054969: Null-check-in-finally pattern in java/security documentation
S7072353: JNDI libraries do not build with javac
-Xlint:all -Werror
S7075563: Broken link in ‘javax.swing.SwingWorker’
S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11
S7088502: Security libraries don’t build with javac
-Werror
S7092447: Clarify the default locale used in each locale sensitive operation
S7093640: Enable client-side TLS 1.2 by default
S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager is installed
S7117360: Warnings in java.util.concurrent.atomic package
S7117465: Warning cleanup for IMF classes
S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an error
S8000418: javadoc should used a standard ‘generated by javadoc’ string
S8000666: javadoc should write directly to Writer instead of composing strings
S8000673: remove dead code from HtmlWriter and subtypes
S8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
S8001669: javadoc internal DocletAbortException should set cause when appropriate
S8008949: javadoc stopped copying doc-files
S8011402: Move blacklisting certificate logic from hard code to data
S8011547: Update XML Signature implementation to Apache Santuario 1.5.4
S8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
S8016217: More javadoc warnings
S8017325: Cleanup of the javadoc <code> tag in java.security.cert
S8017326: Cleanup of the javadoc <code> tag in java.security.spec
S8019772: Fix doclint issues in javax.crypto and javax.security subpackages
S8020557: javadoc cleanup in javax.security
S8020688: Broken links in documentation at http://docs.oracle.com/javase/6/docs/api/index.
S8021108: Clean up doclint warnings and errors in java.text package
S8021417: Fix doclint issues in java.util.concurrent
S8021833: javadoc cleanup in java.net
S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMe thods fails
S8022175: Fix doclint warnings in javax.print
S8022406: Fix doclint issues in java.beans
S8022746: List of spelling errors in API doc
S8024779: [macosx] SwingNode crashes on exit
S8025085: [javadoc] some errors in javax/swing
S8025218: [javadoc] some errors in java/awt classes
S8025249: [javadoc] fix some javadoc errors in javax/swing/
S8025409: Fix javadoc comments errors and warning reported by doclint report
S8026021: more fix of javadoc errors and warnings reported by doclint, see the description
S8037099: [macosx] Remove all references to GC from native OBJ-C code
S8038184: XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String
S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
S8049244: XML Signature performance issue caused by unbuffered signature data
S8049432: New tests for TLS property jdk.tls.client.protocols
S8050893: (smartcardio) Invert reset argument in tests in sun/security/smartcardio
S8059212: Modify regression tests so that they do not just fail if no cardreader found
S8068279: (typo in the spec) javax.script.ScriptEngineFactory.getLanguageName
S8068491: Update the protocol for references of docs.oracle.com to HTTPS.
S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210
S8076369: Introduce the jdk.tls.client.protocols system property for JDK 7u
S8139565: Restrict certificates with DSA keys less than 1024 bits
S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions
S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check
S8143959: Certificates requiring blacklisting
S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
S8148516: Improve the default strength of EC in JDK
S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks
S8151893: Add security property to configure XML Signature secure validation mode
S8155760: Implement Serialization Filtering
S8156802: Better constraint checking
S8161228: URL objects with custom protocol handlers have port changed after deserializing
S8161571: Verifying ECDSA signatures permits trailing bytes
S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar
S8164908: ReflectionFactory support for IIOP and custom serialization
S8165230: RMIConnection addNotificationListeners failing with specific inputs
S8166393: disabledAlgorithms property should not be strictly parsed
S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only)
S8166739: Improve extensibility of ObjectInputFilter information passed to the filter
S8166875: (tz) Support tzdata2016g
S8166878: Connection reset during TLS handshake
S8167356: Follow up fix for jdk8 backport of 8164143.
Changes for CMenuComponent.m were missed
S8167459: Add debug output for indicating if a chosen ciphersuite was legacy
S8167472: Chrome interop regression with JDK-8148516
S8167591: Add MD5 to signed JAR restrictions
S8168861: AnchorCertificates uses hardcoded password for cacerts keystore
S8168993: JDK8u121 L10n resource file update
S8169191: (tz) Support tzdata2016i
S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU
S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304
S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property
S8170268: 8u121 L10n resource file update - msgdrop 20
S8173622: Backport of 7180907 is incomplete
S8173849: Fix use of java.util.Base64 in test cases
S8173854: [TEST] Update DHEKeySizing test case following 8076328 & 8081760
CVE-2017-3259 Vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE.
Backports
S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on __APPLE__and _LLP64 systems.
S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned
S8153711, PR3315, RH1284948: [REDO] GlobalRefs never deleted when processing invokeMethod command
S8170888, PR3316, RH1390708: [linux] support for cgroup memory limits in container (ie Docker) environments
Bug fixes
PR3318: Replace ‘infinality’ with ‘improved font rendering’ (–enable-improved-font-rendering)
PR3318: Fix compatibility with vanilla Fontconfig
PR3318: Fix glyph y advance
PR3318: Always round glyph advance in 26.6 space
PR3318: Simplify glyph advance handling
PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh broken by PR1989
AArch64 port
S8165673, PR3320: AArch64: Fix JNI floating point argument handling
This update was imported from the SUSE:SLE-12:Update update project.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2017-278.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(97287);
script_version("3.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-2183", "CVE-2016-5546", "CVE-2016-5547", "CVE-2016-5548", "CVE-2016-5549", "CVE-2016-5552", "CVE-2017-3231", "CVE-2017-3241", "CVE-2017-3252", "CVE-2017-3253", "CVE-2017-3259", "CVE-2017-3260", "CVE-2017-3261", "CVE-2017-3272", "CVE-2017-3289");
script_name(english:"openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2017-278)");
script_summary(english:"Check for the openSUSE-2017-278 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update for java-1_7_0-openjdk fixes the following issues :
- Oracle Critical Patch Update of January 2017 to OpenJDK
7u131 (bsc#1020905) :
- Security Fixes
- S8138725: Add options for Javadoc generation
- S8140353: Improve signature checking
- S8151934, CVE-2017-3231: Resolve class resolution
- S8156804, CVE-2017-3241: Better constraint checking
- S8158406: Limited Parameter Processing
- S8158997: JNDI Protocols Switch
- S8159507: RuntimeVisibleAnnotation validation
- S8161218: Better bytecode loading
- S8161743, CVE-2017-3252: Provide proper login context
- S8162577: Standardize logging levels
- S8162973: Better component components
- S8164143, CVE-2017-3260: Improve components for menu
items
- S8164147, CVE-2017-3261: Improve streaming socket output
- S8165071, CVE-2016-2183: Expand TLS support
- S8165344, CVE-2017-3272: Update concurrency support
- S8166988, CVE-2017-3253: Improve image processing
performance
- S8167104, CVE-2017-3289: Additional class construction
refinements
- S8167223, CVE-2016-5552: URL handling improvements
- S8168705, CVE-2016-5547: Better ObjectIdentifier
validation
- S8168714, CVE-2016-5546: Tighten ECDSA validation
- S8168728, CVE-2016-5548: DSA signing improvments
- S8168724, CVE-2016-5549: ECDSA signing improvments
- S6253144: Long narrowing conversion should describe the
algorithm used and implied 'risks'
- S6328537: Improve javadocs for Socket class by adding
references to SocketOptions
- S6978886: javadoc shows stacktrace after print error
resulting from disk full
- S6995421: Eliminate the static dependency to
sun.security.ec.ECKeyFactory
- S6996372: synchronizing handshaking hash
- S7027045: (doc) java/awt/Window.java has several typos
in javadoc
- S7054969: Null-check-in-finally pattern in java/security
documentation
- S7072353: JNDI libraries do not build with javac
-Xlint:all -Werror
- S7075563: Broken link in 'javax.swing.SwingWorker'
- S7077672: jdk8_tl nightly fail in step-2 build on
8/10/11
- S7088502: Security libraries don't build with javac
-Werror
- S7092447: Clarify the default locale used in each locale
sensitive operation
- S7093640: Enable client-side TLS 1.2 by default
- S7103570: AtomicIntegerFieldUpdater does not work when
SecurityManager is installed
- S7117360: Warnings in java.util.concurrent.atomic
package
- S7117465: Warning cleanup for IMF classes
- S7187144: JavaDoc for ScriptEngineFactory.getProgram()
contains an error
- S8000418: javadoc should used a standard 'generated by
javadoc' string
- S8000666: javadoc should write directly to Writer
instead of composing strings
- S8000673: remove dead code from HtmlWriter and subtypes
- S8000970: break out auxiliary classes that will prevent
multi-core compilation of the JDK
- S8001669: javadoc internal DocletAbortException should
set cause when appropriate
- S8008949: javadoc stopped copying doc-files
- S8011402: Move blacklisting certificate logic from hard
code to data
- S8011547: Update XML Signature implementation to Apache
Santuario 1.5.4
- S8012288: XML DSig API allows wrong tag names and extra
elements in SignedInfo
- S8016217: More javadoc warnings
- S8017325: Cleanup of the javadoc <code> tag in
java.security.cert
- S8017326: Cleanup of the javadoc <code> tag in
java.security.spec
- S8019772: Fix doclint issues in javax.crypto and
javax.security subpackages
- S8020557: javadoc cleanup in javax.security
- S8020688: Broken links in documentation at
http://docs.oracle.com/javase/6/docs/api/index.
- S8021108: Clean up doclint warnings and errors in
java.text package
- S8021417: Fix doclint issues in java.util.concurrent
- S8021833: javadoc cleanup in java.net
- S8022120: JCK test
api/javax_xml/crypto/dsig/TransformService/index_ParamMe
thods fails
- S8022175: Fix doclint warnings in javax.print
- S8022406: Fix doclint issues in java.beans
- S8022746: List of spelling errors in API doc
- S8024779: [macosx] SwingNode crashes on exit
- S8025085: [javadoc] some errors in javax/swing
- S8025218: [javadoc] some errors in java/awt classes
- S8025249: [javadoc] fix some javadoc errors in
javax/swing/
- S8025409: Fix javadoc comments errors and warning
reported by doclint report
- S8026021: more fix of javadoc errors and warnings
reported by doclint, see the description
- S8037099: [macosx] Remove all references to GC from
native OBJ-C code
- S8038184: XMLSignature throws
StringIndexOutOfBoundsException if ID attribute value is
empty String
- S8038349: Signing XML with DSA throws Exception when key
is larger than 1024 bits
- S8049244: XML Signature performance issue caused by
unbuffered signature data
- S8049432: New tests for TLS property
jdk.tls.client.protocols
- S8050893: (smartcardio) Invert reset argument in tests
in sun/security/smartcardio
- S8059212: Modify regression tests so that they do not
just fail if no cardreader found
- S8068279: (typo in the spec)
javax.script.ScriptEngineFactory.getLanguageName
- S8068491: Update the protocol for references of
docs.oracle.com to HTTPS.
- S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java
needs to be updated for JDK-8061210
- S8076369: Introduce the jdk.tls.client.protocols system
property for JDK 7u
- S8139565: Restrict certificates with DSA keys less than
1024 bits
- S8140422: Add mechanism to allow non default root CAs to
be not subject to algorithm restrictions
- S8140587: Atomic*FieldUpdaters should use
Class.isInstance instead of direct class check
- S8143959: Certificates requiring blacklisting
- S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks
- S8148516: Improve the default strength of EC in JDK
- S8149029: Secure validation of XML based digital
signature always enabled when checking wrapping attacks
- S8151893: Add security property to configure XML
Signature secure validation mode
- S8155760: Implement Serialization Filtering
- S8156802: Better constraint checking
- S8161228: URL objects with custom protocol handlers have
port changed after deserializing
- S8161571: Verifying ECDSA signatures permits trailing
bytes
- S8163304: jarsigner -verbose -verify should print the
algorithms used to sign the jar
- S8164908: ReflectionFactory support for IIOP and custom
serialization
- S8165230: RMIConnection addNotificationListeners failing
with specific inputs
- S8166393: disabledAlgorithms property should not be
strictly parsed
- S8166591: [macos 10.12] Trackpad scrolling of text on OS
X 10.12 Sierra is very fast (Trackpad, Retina only)
- S8166739: Improve extensibility of ObjectInputFilter
information passed to the filter
- S8166875: (tz) Support tzdata2016g
- S8166878: Connection reset during TLS handshake
- S8167356: Follow up fix for jdk8 backport of 8164143.
Changes for CMenuComponent.m were missed
- S8167459: Add debug output for indicating if a chosen
ciphersuite was legacy
- S8167472: Chrome interop regression with JDK-8148516
- S8167591: Add MD5 to signed JAR restrictions
- S8168861: AnchorCertificates uses hardcoded password for
cacerts keystore
- S8168993: JDK8u121 L10n resource file update
- S8169191: (tz) Support tzdata2016i
- S8169688: Backout (remove) MD5 from
jdk.jar.disabledAlgorithms for January CPU
- S8169911: Enhanced tests for jarsigner -verbose -verify
after JDK-8163304
- S8170131: Certificates not being blocked by
jdk.tls.disabledAlgorithms property
- S8170268: 8u121 L10n resource file update - msgdrop 20
- S8173622: Backport of 7180907 is incomplete
- S8173849: Fix use of java.util.Base64 in test cases
- S8173854: [TEST] Update DHEKeySizing test case following
8076328 & 8081760
- CVE-2017-3259 Vulnerability allows unauthenticated
attacker with network access via multiple protocols to
compromise Java SE.
- Backports
- S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef
on __APPLE__and _LLP64 systems.
- S8000351, PR3316, RH1390708: Tenuring threshold should
be unsigned
- S8153711, PR3315, RH1284948: [REDO] GlobalRefs never
deleted when processing invokeMethod command
- S8170888, PR3316, RH1390708: [linux] support for cgroup
memory limits in container (ie Docker) environments
- Bug fixes
- PR3318: Replace 'infinality' with 'improved font
rendering' (--enable-improved-font-rendering)
- PR3318: Fix compatibility with vanilla Fontconfig
- PR3318: Fix glyph y advance
- PR3318: Always round glyph advance in 26.6 space
- PR3318: Simplify glyph advance handling
- PR3324: Fix NSS_LIBDIR substitution in
make_generic_profile.sh broken by PR1989
- AArch64 port
- S8165673, PR3320: AArch64: Fix JNI floating point
argument handling
This update was imported from the SUSE:SLE-12:Update update project."
);
# http://docs.oracle.com/javase/6/docs/api/index.
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?2c4f4829"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020905"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected java-1_7_0-openjdk packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-accessibility");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-headless");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-headless-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-javadoc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-src");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2");
script_set_attribute(attribute:"patch_publication_date", value:"2017/02/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/21");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.1|SUSE42\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1 / 42.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-accessibility-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-debugsource-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-demo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-devel-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-headless-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-javadoc-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"java-1_7_0-openjdk-src-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-accessibility-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-debugsource-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-demo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-devel-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-headless-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-javadoc-1.7.0.131-40.1") ) flag++;
if ( rpm_check(release:"SUSE42.2", reference:"java-1_7_0-openjdk-src-1.7.0.131-40.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_7_0-openjdk-bootstrap / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | opensuse | java-1_7_0-openjdk | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk |
novell | opensuse | java-1_7_0-openjdk-accessibility | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-accessibility |
novell | opensuse | java-1_7_0-openjdk-bootstrap | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap |
novell | opensuse | java-1_7_0-openjdk-bootstrap-debuginfo | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-debuginfo |
novell | opensuse | java-1_7_0-openjdk-bootstrap-debugsource | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-debugsource |
novell | opensuse | java-1_7_0-openjdk-bootstrap-devel | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-devel |
novell | opensuse | java-1_7_0-openjdk-bootstrap-devel-debuginfo | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-devel-debuginfo |
novell | opensuse | java-1_7_0-openjdk-bootstrap-headless | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-headless |
novell | opensuse | java-1_7_0-openjdk-bootstrap-headless-debuginfo | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-bootstrap-headless-debuginfo |
novell | opensuse | java-1_7_0-openjdk-debuginfo | p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debuginfo |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5546
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5549
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5552
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3231
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3241
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3252
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3253
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3259
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3260
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3261
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3272
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3289
www.nessus.org/u?2c4f4829
bugzilla.opensuse.org/show_bug.cgi?id=1020905