Security update for java-1_8_0-openjdk (critical)

java-1_8_0-openjdk was updated to version 7u95 to fix several security
issues. (bsc#962743)

The following vulnerabilities were fixed:

• CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996)
• CVE-2015-8126: Vulnerability in the AWT component related to
  splashscreen displays
• CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix
• CVE-2016-0402: Vulnerability in the Networking component related to URL
  processing
• CVE-2016-0448: Vulnerability in the JMX comonent related to attribute
  processing
• CVE-2016-0466: Vulnerability in the JAXP component, related to limits
• CVE-2016-0483: Vulnerability in the AWT component related to image
  decoding
• CVE-2016-0494: Vulnerability in 2D component related to font actions

Includes the following fixes from the October 2015 update: (bsc#951376)

• CVE-2015-4734: A remote user can exploit a flaw in the Embedded JGSS
  component to partially access data
• CVE-2015-4803: A remote user can exploit a flaw in the JRockit JAXP
  component to cause partial denial of service conditions
• CVE-2015-4805: A remote user can exploit a flaw in the Embedded
  Serialization component to gain elevated privileges
• CVE-2015-4806: A remote user can exploit a flaw in the Java SE Embedded
  Libraries component to partially access and partially modify data
• CVE-2015-4835: A remote user can exploit a flaw in the Embedded CORBA
  component to gain elevated privileges
• CVE-2015-4842: A remote user can exploit a flaw in the Embedded JAXP
  component to partially access data
• CVE-2015-4843: A remote user can exploit a flaw in the Java SE Embedded
  Libraries component to gain elevated privileges
• CVE-2015-4844: A remote user can exploit a flaw in the Embedded 2D
  component to gain elevated privileges
• CVE-2015-4860: A remote user can exploit a flaw in the Embedded RMI
  component to gain elevated privileges
• CVE-2015-4872: A remote user can exploit a flaw in the JRockit Security
  component to partially modify data [].
• CVE-2015-4881: A remote user can exploit a flaw in the Embedded CORBA
  component to gain elevated privileges
• CVE-2015-4882: A remote user can exploit a flaw in the Embedded CORBA
  component to cause partial denial of service conditions
• CVE-2015-4883: A remote user can exploit a flaw in the Embedded RMI
  component to gain elevated privileges
• CVE-2015-4893: A remote user can exploit a flaw in the JRockit JAXP
  component to cause partial denial of service conditions
• CVE-2015-4902: A remote user can exploit a flaw in the Java SE
  Deployment component to partially modify data
• CVE-2015-4903: A remote user can exploit a flaw in the Embedded RMI
  component to partially access data
• CVE-2015-4911: A remote user can exploit a flaw in the JRockit JAXP
  component to cause partial denial of service conditions
• CVE-2015-4810: A local user can exploit a flaw in the Java SE Deployment
  component to gain elevated privileges
• CVE-2015-4840: A remote user can exploit a flaw in the Embedded 2D
  component to partially access data
• CVE-2015-4868: A remote user can exploit a flaw in the Java SE Embedded
  Libraries component to gain elevated privileges
• CVE-2015-4901: A remote user can exploit a flaw in the JavaFX component
  to gain elevated privileges
• CVE-2015-4906: A remote user can exploit a flaw in the JavaFX component
  to partially access data
• CVE-2015-4908: A remote user can exploit a flaw in the JavaFX component
  to partially access data
• CVE-2015-4916: A remote user can exploit a flaw in the JavaFX component
  to partially access data