This update for java-1_7_0-openjdk fixes the following issues:
Security issues fixed:
- CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084).
- CVE-2017-10274: Fix issue inside subcomponent Smart Card IO
(bsc#1064071).
- CVE-2017-10281: Fix issue inside subcomponent Serialization
(bsc#1064072).
- CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073).
- CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075).
- CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086).
- CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078).
- CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082).
- CVE-2017-10347: Fix issue inside subcomponent Serialization
(bsc#1064079).
- CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081).
- CVE-2017-10345: Fix issue inside subcomponent Serialization
(bsc#1064077).
- CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080).
- CVE-2017-10357: Fix issue inside subcomponent Serialization
(bsc#1064085).
- CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083).
- CVE-2017-10102: Fix incorrect handling of references in DGC
(bsc#1049316).
- CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader
(bsc#1049305).
- CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest
(bsc#1049306).
- CVE-2017-10081: Fix incorrect bracket processing in function signature
handling (bsc#1049309).
- CVE-2017-10087: Fix insufficient access control checks in
ThreadPoolExecutor (bsc#1049311).
- CVE-2017-10089: Fix insufficient access control checks in
ServiceRegistry (bsc#1049312).
- CVE-2017-10090: Fix insufficient access control checks in
AsynchronousChannelGroupImpl (bsc#1049313).
- CVE-2017-10096: Fix insufficient access control checks in XML
transformations (bsc#1049314).
- CVE-2017-10101: Fix unrestricted access to
com.sun.org.apache.xml.internal.resolver (bsc#1049315).
- CVE-2017-10107: Fix insufficient access control checks in ActivationID
(bsc#1049318).
- CVE-2017-10074: Fix integer overflows in range check loop predicates
(bsc#1049307).
- CVE-2017-10110: Fix insufficient access control checks in ImageWatched
(bsc#1049321).
- CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute
deserialization (bsc#1049319).
- CVE-2017-10109: Fix unbounded memory allocation in CodeSource
deserialization (bsc#1049320).
- CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE
(bsc#1049324).
- CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326).
- CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL
(bsc#1049325).
- CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328).
- CVE-2017-10176: Fix incorrect handling of certain EC points
(bsc#1049329).
- CVE-2017-10074: Fix integer overflows in range check loop predicates
(bsc#1049307).
- CVE-2017-10074: Fix integer overflows in range check loop predicates
(bsc#1049307).
- CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322).
- CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS
(bsc#1049332).
- CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment
(bsc#1049327).
- CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX
(bsc#1049323).
- CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment
(bsc#1049317).
- CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310).
- CVE-2017-10198: Fix incorrect enforcement of certificate path
restrictions (bsc#1049331).
- CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330).
Bug fixes:
- Drop Exec Shield workaround to fix crashes on recent kernels, where Exec
Shield is gone (bsc#1052318).
This update was imported from the SUSE:SLE-12:Update update project.