Security update for java-1_8_0-openjdk (important)

An update that solves 13 vulnerabilities and has three
fixes is now available.

Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u322 (icedtea-3.22.0)

Including the following security fixes:

• CVE-2022-21248, bsc#1194926: Enhance cross VM serialization
• CVE-2022-21283, bsc#1194937: Better String matching
• CVE-2022-21293, bsc#1194935: Improve String constructions
• CVE-2022-21294, bsc#1194934: Enhance construction of Identity maps
• CVE-2022-21282, bsc#1194933: Better resolution of URIs
• CVE-2022-21296, bsc#1194932: Improve SAX Parser configuration management
• CVE-2022-21299, bsc#1194931: Improved scanning of XML entities
• CVE-2022-21305, bsc#1194939: Better array indexing
• CVE-2022-21340, bsc#1194940: Verify Jar Verification
• CVE-2022-21341, bsc#1194941: Improve serial forms for transport
• CVE-2022-21349: Improve Solaris font rendering
• CVE-2022-21360, bsc#1194929: Enhance BMP image support
• CVE-2022-21365, bsc#1194928: Enhanced BMP processing

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4:

  zypper in -t patch openSUSE-SLE-15.4-2022-873=1

• openSUSE Leap 15.3:

  zypper in -t patch openSUSE-SLE-15.3-2022-873=1