OPENSUSE-SU-2020:1984-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling +...

Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack

Cybercriminals are tricking adult website visitors – including sites such as bravoporn.com and xhamster.com – in malvertising attacks that redirect victims to malicious websites serving up malware. The campaign, which is part of a larger malvertising effort dubbed “malsmoke”, has been tracked...

Malsmoke operators abandon exploit kits in favor of social engineering scheme

Exploit kits continue to be used as a malware delivery platform. In 2020, weve observed a number of different malvertising campaigns leading to RIG, Fallout, Spelevo and Purple Fox, among others. And, in September, we put out a blog post detailing a surge in malvertising via adult websites. One o...

Security update for java-1_8_0-openj9 (important)

openSUSE Security Update: Security update for java-180-openj9 Announcement ID: openSUSE-SU-2020:1893-1 Rating: important References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...

SUSE-SU-2020:3191-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 New features + JDK-8245468: Add...

Security Bulletin: CVE-2020-2590 (deferred from Oracle Jan 2020 CPU)

Summary Steps to update Java for QMF Workstation & QMF Vision Vulnerability Details CVEID: CVE-2020-2590 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact,...

Security Bulletin: CVE-2020-2601 (deferred from Oracle Jan 2020 CPU)

Summary Steps to update Java for QMF Workstation & QMF Vision Vulnerability Details CVEID: CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker to obtain sensitive information...

SUSE-SU-2020:2482-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...

SUSE-SU-2020:14484-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...

SUSE-SU-2020:2461-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

SUSE-SU-2020:14482-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: - Update to Java 7.0 Service Refresh 10 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - TRANSLATION MESSAGES UPDATE FOR JCL -...

OPENSUSE-SU-2020:1191-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 Security fixes: + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20200716)

Security Fixes : - OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access Libraries, 8238920 CVE-2020-14583 - OpenJDK: Incomplete bounds checks in Affine Transformations 2D, 8240119 CVE-2020-14593 - OpenJDK: Incorrect handling of access control context in ForkJoinPool Libraries,...

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM Infosphere BigInsights (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Infosphere BigInsights. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1684-1)

This update for java-180-ibm fixes the following issues : java-180-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 bsc1172277,bsc1169511,bsc1160968 CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service CVE-2020-2754: Forward...

SUSE-SU-2020:1686-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn bsc1169511 - CVE-2020-2755: Improve Nashorn matching bsc1169511 - CVE-2020-2756: Better mapping of serial ENUMs bsc1169511 - CVE-2020-2757: Less Blocking Array Queues...

SUSE-SU-2020:1683-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: java-171-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65 bsc1172277 and bsc1169511 - CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service - CVE-2020-2756: Improved...

OPENSUSE-SU-2020:0800-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn bsc1169511 - CVE-2020-2755: Improve Nashorn matching bsc1169511 - CVE-2020-2756: Better mapping of serial ENUMs bsc1169511 - CVE-2020-2757: Less Blocking Array Queues...

Debian: Security Advisory (DLA-2245-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2020:1571-1 Security update for java-1_7_0-openjdk

This update for java-170-openjdk to version 7u261 fixes the following issues: - CVE-2020-2756: Better mapping of serial ENUMs bsc1169511 - CVE-2020-2757: Less Blocking Array Queues bsc1169511 - CVE-2020-2773: Better signatures in XML bsc1169511 - CVE-2020-2781: Improve TLS session handling...