Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] openSUSE-SU-2016:2051-1: important: Security update for java-1_8_0-openjdk

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

openSUSE Security Update: Security update for java-1_8_0-openjdk

______________________________________________________________________________

 

Announcement ID: openSUSE-SU-2016:2051-1

Rating: important

References: #984684 #987895 #988651 #989721 #989722 #989723

#989725 #989726 #989727 #989728 #989729 #989730

#989731 #989732 #989733 #989734

Cross-References: CVE-2016-3458 CVE-2016-3485 CVE-2016-3498

CVE-2016-3500 CVE-2016-3503 CVE-2016-3508

CVE-2016-3511 CVE-2016-3550 CVE-2016-3552

CVE-2016-3587 CVE-2016-3598 CVE-2016-3606

CVE-2016-3610

Affected Products:

openSUSE Leap 42.1

______________________________________________________________________________

 

An update that solves 13 vulnerabilities and has three

fixes is now available.

 

Description:

 

 

This update for java-1_8_0-openjdk fixes the following issues:

 

- Upgrade to version jdk8u101 (icedtea 3.1.0)

- New in release 3.1.0 (2016-07-25):

* Security fixes

- S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732)

- S8145446, CVE-2016-3485: Perfect pipe placement (Windows

only) (bsc#989734)

- S8146514: Enforce GCM limits

- S8147771: Construction of static protection domains under Javax

custom policy

- S8148872, CVE-2016-3500: Complete name checking (bsc#989730)

- S8149070: Enforce update ordering

- S8149962, CVE-2016-3508: Better delineation of XML processing

(bsc#989731)

- S8150752: Share Class Data

- S8151925: Font reference improvements

- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)

- S8153312: Constrain AppCDS behavior

- S8154475, CVE-2016-3587: Clean up lookup visibility (bsc#989721)

- S8155981, CVE-2016-3606: Bolster bytecode verification (bsc#989722)

- S8155985, CVE-2016-3598: Persistent Parameter Processing (bsc#989723)

- S8158571, CVE-2016-3610: Additional method handle validation

(bsc#989725)

- CVE-2016-3552 (bsc#989726)

- CVE-2016-3511 (bsc#989727)

- CVE-2016-3503 (bsc#989728)

- CVE-2016-3498 (bsc#989729)

* New features

- S8145547, PR1061: [AWT/Swing] Conditional support for GTK 3

on Linux

- PR2821: Support building OpenJDK with --disable-headful

- PR2931, G478960: Provide Infinality Support via fontconfig

- PR3079: Provide option to build Shenandoah on x86_64

* Import of OpenJDK 8 u92 build 14

- S6869327: Add new C2 flag to keep safepoints in counted loops.

- S8022865: [TESTBUG] Compressed Oops testing needs to be revised

- S8029630: Thread id should be displayed as a hex number in error

report

- S8029726: On OS X some dtrace probe names are mismatched with Solaris

- S8029727: On OS X dtrace probes CallMethodA/CallMethodV

are not fired.

- S8029728: On OS X dtrace probes SetStaticBooleanField are not fired

- S8038184: XMLSignature throws StringIndexOutOfBound[censored]ception if ID

attribute value is empty String

- S8038349: Signing XML with DSA throws Exception when key is larger

than 1024 bits

- S8041501: ImageIO reader is not capable of reading JPEGs without

JFIF header

- S8041900: [macosx] Java forces the use of discrete GPU

- S8044363: Remove special build options for unpack200 executable

- S8046471: Use OPENJDK_TARGET_CPU_ARCH instead of legacy value for

hotspot ARCH

- S8046611: Build errors with gcc on sparc/fastdebug

- S8047763: Recognize sparc64 as a sparc platform

- S8048232: Fix for 8046471 breaks PPC64 build

- S8052396: Catch exceptions resulting from missing font cmap

- S8058563: InstanceKlass::_dependencies list isn't cleared from empty

nmethodBucket entries

- S8061624: [TESTBUG] Some tests cannot be ran under compact profiles

and therefore shall be excluded

- S8062901: Iterators is spelled incorrectly in the Javadoc for

Spliterator

- S8064330: Remove SHA224 from the default support list if SunMSCAPI

enabled

- S8065579: WB method to start G1 concurrent mark cycle should be

introduced

- S8065986: Compiler fails to NullPointerException when calling super

with Object()

- S8066974: Compiler doesn't infer method's generic type information

in lambda body

- S8067800: Clarify java.time.chrono.Chronology.isLeapYear for

out of range years

- S8068033: JNI exception pending in jdk/src/share/bin/java.c

- S8068042: Check jdk/src/share/native/sun/misc/URLClassPath.c for JNI

pending

- S8068162: jvmtiRedefineClasses.cpp: guarantee(false) failed: OLD

and/or OBSOLETE method(s) found

- S8068254: Method reference uses wrong qualifying type

- S8074696: Remote debugging session hangs for several minutes when

calling findBootType

- S8074935: jdk8 keytool doesn't validate pem files for RFC 1421

correctness, as jdk7 did

- S8078423: [TESTBUG] javax/print/PrintSEUmlauts/PrintSEUmlauts.java

relies on system locale

- S8080492: [Parfait] Uninitialised variable in

jdk/src/java/desktop/windows/native/libawt/

- S8080650: Enable stubs to use frame pointers correctly

- S8122944: perfdata used is seen as too high on sparc zone with

jdk1.9 and causes a test failure

- S8129348: Debugger hangs in trace mode with TRACE_SENDS

- S8129847: Compiling methods generated by Nashorn triggers high

memory usage in C2

- S8130506: javac AssertionError when invoking MethodHandle.invoke

with lambda parameter

- S8130910: hsperfdata file is created in wrong directory and not

cleaned up if /tmp/hsperfdata_ has wrong permissions

- S8131129: Attempt to define a duplicate BMH$Species class

- S8131665: Bad exception message in HandshakeHash.getFinishedHash

- S8131782: C1 Class.cast optimization breaks when Class is loaded

from static final

- S8132503: [macosx] Chinese full stop symbol cannot be entered with

Pinyin IM on OS X

- S8133207: ParallelProbes.java test fails after changes for

JDK-8080115

- S8133924: NPE may be thrown when xsltc select a non-existing node

after JDK-8062518

- S8134007: Improve string folding

- S8134759: jdb: Incorrect stepping inside finally block

- S8134963: [Newtest] New stress test for changing the coarseness

level of G1 remembered set

- S8136442: Don't tie Certificate signature algorithms to ciphersuites

- S8137106: EUDC (End User Defined Characters) are not displayed

on Windows with Java 8u60+

- S8138745: Implement ExitOnOutOfMemory and CrashOnOutOfMemory in

HotSpot

- S8138764: In some cases the usage of TreeLock can be replaced by

other synchronization

- S8139373: [TEST_BUG] java/net/MulticastSocket/MultiDead.java failed

with timeout

- S8139424: SIGSEGV, Problematic frame: # V [libjvm.so+0xd0c0cc] void

InstanceKlass::oop_oop_iterate_oop_maps_specialized

- S8139436: sun.security.mscapi.KeyStore might load incomplete data

- S8139751: Javac crash with -XDallowStringFolding=false

- S8139863: [TESTBUG] Need to port tests for JDK-8134903 to 8u-dev

- S8139985: JNI exception pending in

jdk/src/jdk/hprof/agent/share/native/libhprof

- S8140031: SA: Searching for a value in Threads does not work

- S8140249: JVM Crashing During startUp If Flight Recording is enabled

- S8140344: add support for 3 digit update release numbers

- S8140587: Atomic*FieldUpdaters should use Class.isInstance instead

of direct class check

- S8141260: isReachable crash in windows xp

- S8143297: Nashorn compilation time reported in nanoseconds

- S8143397: It looks like InetAddress.isReachable(timeout) works

incorrectly

- S8143855: Bad printf formatting in frame_zero.cpp

- S8143896: java.lang.Long is implicitly converted to double

- S8143963: improve ClassLoader::trace_class_path to accept an

additional outputStream* arg

- S8144020: Remove long as an internal numeric type

- S8144131: ArrayData.getInt implementations do not convert to int32

- S8144483: One long Safepoint pause directly after each GC log

rotation

- S8144487: PhaseIdealLoop::build_and_optimize() must restore

major_progress flag if skip_loop_opts is true

- S8144885: agent/src/os/linux/libproc.h needs to support Linux/SPARC

builds

- S8144935: C2: safepoint is pruned from a non-counted loop

- S8144937: [TEST_BUG] testlibrary_tests should be excluded for

compact1 and compact2 execution

- S8145017: Add support for 3 digit hotspot minor version numbers

- S8145099: Better error message when SA can't attach to a process

- S8145442: Add the facility to verify remembered sets for G1

- S8145466: javac: No line numbers in compilation error

- S8145539: (coll) AbstractMap.keySet and .values should not be

volatile

- S8145550: Megamorphic invoke should use CompiledFunction variants

without any LinkLogic

- S8145669: apply2call optimized callsite fails after becoming

megamorphic

- S8145722: NullPointerException in javadoc

- S8145754: PhaseIdealLoop::is_scaled_iv_plus_offset() does not match

AddI

- S8146147: Java linker indexed property getter does not work for

computed nashorn string

- S8146566: OpenJDK build can't handle commas in LDFLAGS

- S8146725: Issues with

SignatureAndHashAlgorithm.getSupportedAlgorithms

- S8146979: Backport of 8046471 breaks ppc64 build in jdk8u because

8072383 was badly backported before

- S8147087: Race when reusing PerRegionTable bitmaps may result in

dropped remembered set entries

- S8147630: Wrong test result pushed to 8u-dev

- S8147845: Varargs Array functions still leaking longs

- S8147857: RMIConnector logs attribute names incorrectly

- S8148353: [linux-sparc] Crash in libawt.so on Linux SPARC

- S8150791: 8u76 L10n resource file translation update

* Import of OpenJDK 8 u101 build 13

- S6483657: MSCAPI provider does not create unique alias names

- S6675699: need comprehensive fix for unconstrained ConvI2L with

narrowed type

- S8037557: test SessionCacheSizeTests.java timeout

- S8038837: Add support to jarsigner for specifying timestamp hash

algorithm

- S8081778: Use Intel x64 CPU instructions for RSA acceleration

- S8130150: Implement BigInteger.montgomeryMultiply intrinsic

- S8130735: javax.swing.TimerQueue: timer fires late when another

timer starts

- S8143913: MSCAPI keystore should accept Certificate[] in setEntry()

- S8144313: Test SessionTimeOutTests can be timeout

- S8146240: Three nashorn files contain "GNU General Public License"

header

- S8146387: Test SSLSession/SessionCacheSizeTests socket accept timed

out

- S8146669: Test SessionTimeOutTests fails intermittently

- S8146993: Several javax/management/remote/mandatory regression tests

fail after JDK-8138811

- S8147994: [macosx] JScrollPane jitters up/down during trackpad

scrolling on MacOS/Aqua

- S8151522: Disable 8130150 and 8081778 intrinsics by default

- S8151876: (tz) Support tzdata2016d

- S8152098: Fix 8151522 caused test

compiler/intrinsics/squaretolen/TestSquareToLen.java to fail

- S8157077: 8u101 L10n resource file updates

* Backports

- S6260348, PR3066: GTK+ L&F JTextComponent not respecting desktop

caret blink rate

- S6778087, PR1061: getLocationOnScreen() always returns (0, 0) for

mouse wheel events

- S6961123, PR2972: setWMClass fails to null-terminate WM_CLASS string

- S8008657, PR3077: JSpinner setComponentOrientation doesn't affect on

text orientation

- S8014212, PR2866: Robot captures black screen

- S8029339, PR1061: Custom MultiResolution image support on HiDPI

displays

- S8031145, PR3077: Re-examine closed i18n tests to see it they can be

moved to the jdk repository.

- S8034856, PR3095: gcc warnings compiling

src/solaris/native/sun/security/pkcs11

- S8034857, PR3095: gcc warnings compiling

src/solaris/native/sun/management

- S8035054, PR3095: JarFacade.c should not include ctype.h

- S8035287, PR3095: gcc warnings compiling various libraries files

- S8038631, PR3077: Create wrapper for awt.Robot with additional

functionality

- S8039279, PR3077: Move awt tests to openjdk repository

- S8041561, PR3077: Inconsistent opacity behaviour between JCheckBox

and JRadioButton

- S8041592, PR3077: [TEST_BUG] Move 42 AWT hw/lw mixing tests to jdk

- S8041915, PR3077: Move 8 awt tests to OpenJDK regression tests tree

- S8043126, PR3077: move awt automated functional tests from

AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository

- S8043131, PR3077: Move ShapedAndTranslucentWindows and GC functional

AWT tests to regression tree

- S8044157, PR3077: [TEST_BUG] Improve recently submitted AWT_Mixing

tests

- S8044172, PR3077: [TEST_BUG] Move regtests for 4523758 and

AltPlusNumberKeyCombinationsTest to jdk

- S8044429, PR3077: move awt automated tests for AWT_Modality to

OpenJDK repository

- S8044762, PR2960: com/sun/jdi/OptionTest.java test time out

- S8044765, PR3077: Move functional tests AWT_SystemTray/Automated to

openjdk repository

- S8047180, PR3077: Move functional tests AWT_Headless/Automated to

OpenJDK repository

- S8047367, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 2

- S8048246, PR3077: Move AWT_DnD/Clipboard/Automated functional tests

to OpenJDK

- S8049226, PR2960: com/sun/jdi/OptionTest.java test times out again

- S8049617, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 3

- S8049694, PR3077: Migrate functional AWT_DesktopProperties/Automated

tests to OpenJDK

- S8050885, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 4

- S8051440, PR3077: move tests about maximizing undecorated to OpenJDK

- S8052012, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 5

- S8052408, PR3077: Move AWT_BAT functional tests to OpenJDK (3

of 3)

- S8053657, PR3077: [TEST_BUG] move some 5 tests related to

undecorated Frame/JFrame to JDK

- S8054143, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 6

- S8054358, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 7

- S8054359, PR3077: move awt automated tests from AWT_Modality to

OpenJDK repository - part 8

- S8055360, PR3077: Move the rest part of AWT ShapedAndTranslucent

tests to OpenJDK

- S8055664, PR3077: move 14 tests about setLocationRelativeTo to jdk

- S8055836, PR3077: move awt tests from AWT_Modality to OpenJDK

repository - part 9

- S8056911, PR3077: Remove internal API usage from ExtendedRobot class

- S8057694, PR3077: move awt tests from AWT_Modality to OpenJDK

repository - part 10

- S8058959, PR1061:

closed/java/awt/event/ComponentEvent/MovedResizedTwiceTest/MovedResizedTwic

eTest.java failed automatically

- S8062606, PR3077: Fix a typo in java.awt.Robot class

- S8063102, PR3077: Change open awt regression tests to avoid

sun.awt.SunToolkit.realSync, part 1

- S8063104, PR3077: Change open awt regression tests to avoid

sun.awt.SunToolkit.realSync, part 2

- S8063106, PR3077: Change open swing regression tests to avoid

sun.awt.SunToolkit.realSync, part 1

- S8063107, PR3077: Change open swing regression tests to avoid

sun.awt.SunToolkit.realSync, part 2

- S8064573, PR3077: [TEST_BUG]

javax/swing/text/AbstractDocument/6968363/Test6968363.java is

asocial pressing VK_LEFT and not releasing

- S8064575, PR3077: [TEST_BUG]

javax/swing/JEditorPane/6917744/bug6917744.java 100 times press keys

and never releases

- S8064809, PR3077: [TEST_BUG]

javax/swing/JComboBox/4199622/bug4199622.java contains a lot of

keyPress and not a single keyRelease

- S8067441, PR3077: Some tests fails with error: cannot find symbol

getSystemMnemonicKeyCodes()

- S8068228, PR3077: Test

closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest fails

with GTKLookAndFeel

- S8069361, PR1061: SunGraphics2D.getDefaultTransform() does not

include scale factor

- S8073320, PR1061: Windows HiDPI Graphics support

- S8074807, PR3077: Fix some tests unnecessary using internal API

- S8076315, PR3077: move 4 manual functional swing tests to regression

suite

- S8078504, PR3094: Zero lacks declaration of VM_Version::initialize()

- S8129822, PR3077: Define "headful" jtreg keyword

- S8132123, PR1061: MultiResolutionCachedImage unnecessarily creates

base image to get its size

- S8133539, PR1061: [TEST_BUG] Split

java/awt/image/MultiResolutionImageTest.java in two to allow

restricted access

- S8137571, PR1061: Linux HiDPI Graphics support

- S8142406, PR1061: [TEST] MultiResolution image: need test to cover

the case when ( -at -) 2x image is corrupted

- S8145188, PR2945: No LocalVariableTable generated for the entire JDK

- S8150258, PR1061: [TEST] HiDPI: create a test for multiresolution

menu items icons

- S8150724, PR1061: [TEST] HiDPI: create a test for multiresolution

icons

- S8150844, PR1061: [hidpi] [macosx] -Dsun.java2d.uiScale should be

taken into account for OS X

- S8151841, PR2882: Build needs additional flags to compile with GCC 6

[plus parts of 8149647 & 8032045]

- S8155613, PR1061: [PIT] crash in

AWT_Desktop/Automated/Exceptions/BasicTest

- S8156020, PR1061: 8145547 breaks AIX and and uses RTLD_NOLOAD

incorrectly

- S8156128, PR1061: Tests for [AWT/Swing] Conditional support for GTK

3 on Linux

- S8158260, PR2991, RH1341258: PPC64: unaligned Unsafe.getInt can lead

to the generation of illegal instructions (bsc#988651)

- S8159244, PR3074: Partially initialized string object created by

C2's string concat optimization may escape

- S8159690, PR3077: [TESTBUG] Mark headful tests with ( -at -) key headful.

- S8160294, PR2882, PR3095: Some client libraries cannot be built with

GCC 6

* Bug fixes

- PR1958: GTKLookAndFeel does not honor gtk-alternative-button-order

- PR2822: Feed LIBS & CFLAGS into configure rather than make to avoid

re-discovery by OpenJDK configure

- PR2932: Support ccache in a non-automagic manner

- PR2933: Support ccache 3.2 and later

- PR2964: Set system defaults based on OS

- PR2974, RH1337583: PKCS#10 certificate requests now use CRLF line

endings rather than system line endings

- PR3078: Remove duplicated line [censored] back to 6788347 and 6894807

- PR3083, RH1346460: Regression in SSL debug output without an ECC

provider

- PR3089: Remove old memory limits patch

- PR3090, RH1204159: SystemTap is heavily confused by multiple JDKs

- PR3095: Fix warnings in URLClassPath.c

- PR3096: Remove dead --disable-optimizations option

- PR3105: Use version from hotspot.map to create tarball filename

- PR3106: Handle both correctly-spelt property

"enableCustomValueHandler" introduced by S8079718 and typo version

- PR3108: Shenandoah patches not included in release tarball

- PR3110: Update hotspot.map documentation in INSTALL

* AArch64 port

- S8145320, PR3078: Create unsafe_arraycopy and generic_arraycopy for

AArch64

- S8148328, PR3078: aarch64: redundant lsr instructions in stub code.

- S8148783, PR3078: aarch64: SEGV running SpecJBB2013

- S8148948, PR3078: aarch64: generate_copy_longs calls align()

incorrectly

- S8149080, PR3078: AArch64: Recognise disjoint array copy in stub code

- S8149365, PR3078: aarch64: memory copy does not prefetch on

backwards copy

- S8149907, PR3078: aarch64: use load/store pair instructions in

call_stub

- S8150038, PR3078: aarch64: make use of CBZ and CBNZ when comparing

narrow pointer with zero

- S8150045, PR3078: arraycopy causes segfaults in SATB during garbage

collection

- S8150082, PR3078: aarch64: optimise small array copy

- S8150229, PR3078: aarch64: pipeline class for several instructions

is not set correctly

- S8150313, PR3078: aarch64: optimise array copy using SIMD

instructions

- S8150394, PR3078: aarch64: add support for 8.1 LSE CAS instructions

- S8151340, PR3078: aarch64: prefetch the destination word for write

prior to ldxr/stxr loops.

- S8151502, PR3078: optimize pd_disjoint_words and pd_conjoint_words

- S8151775, PR3078: aarch64: add support for 8.1 LSE atomic

operations

- S8152537, PR3078: aarch64: Make use of CBZ and CBNZ when comparing

unsigned values with zero.

- S8152840, PR3078: aarch64: improve _unsafe_arraycopy stub routine

- S8153713, PR3078: aarch64: improve short array clearing using store

pair

- S8153797, PR3078: aarch64: Add Arrays.fill stub code

- S8154537, PR3078: AArch64: some integer rotate instructions are

never emitted

- S8154739, PR3078: AArch64: TemplateTable::fast_xaccess loads in

wrong mode

- S8155015, PR3078: Aarch64: bad assert in spill generation code

- S8155100, PR3078: AArch64: Relax alignment requirement for

byte_map_base

- S8155612, PR3078: Aarch64: vector nodes need to support misaligned

offset

- S8155617, PR3078: aarch64: ClearArray does not use DC ZVA

- S8155653, PR3078: TestVectorUnalignedOffset.java not pushed with

8155612

- S8156731, PR3078: aarch64: java/util/Arrays/Correct.java fails due

to _generic_arraycopy stub routine

- S8157841, PR3078: aarch64: prefetch ignores cache line size

- S8157906, PR3078: aarch64: some more integer rotate instructions are

never emitted

- S8158913, PR3078: aarch64: SEGV running Spark terasort

- S8159052, PR3078: aarch64: optimise unaligned copies in

pd_disjoint_words and pd_conjoint_words

- S8159063, PR3078: aarch64: optimise unaligned array copy long

- PR3078: Cleanup remaining differences from aarch64/jdk8u tree

- Fix script linking /usr/share/javazi/tzdb.dat for platform where it

applies (bsc#987895)

 

- Fix aarch64 running with 48 bits va space (bsc#984684)

 

avoid some crashes

 

This update was imported from the SUSE:SLE-12-SP1:Update update project.

 

 

Patch Instructions:

 

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- openSUSE Leap 42.1:

 

zypper in -t patch openSUSE-2016-978=1

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- openSUSE Leap 42.1 (i586 x86_64):

 

java-1_8_0-openjdk-1.8.0.101-15.1

java-1_8_0-openjdk-accessibility-1.8.0.101-15.1

java-1_8_0-openjdk-debuginfo-1.8.0.101-15.1

java-1_8_0-openjdk-debugsource-1.8.0.101-15.1

java-1_8_0-openjdk-demo-1.8.0.101-15.1

java-1_8_0-openjdk-demo-debuginfo-1.8.0.101-15.1

java-1_8_0-openjdk-devel-1.8.0.101-15.1

java-1_8_0-openjdk-devel-debuginfo-1.8.0.101-15.1

java-1_8_0-openjdk-headless-1.8.0.101-15.1

java-1_8_0-openjdk-headless-debuginfo-1.8.0.101-15.1

java-1_8_0-openjdk-src-1.8.0.101-15.1

 

- openSUSE Leap 42.1 (noarch):

 

java-1_8_0-openjdk-javadoc-1.8.0.101-15.1

 

 

References:

 

https://www.suse.com/security/cve/CVE-2016-3458.html

https://www.suse.com/security/cve/CVE-2016-3485.html

https://www.suse.com/security/cve/CVE-2016-3498.html

https://www.suse.com/security/cve/CVE-2016-3500.html

https://www.suse.com/security/cve/CVE-2016-3503.html

https://www.suse.com/security/cve/CVE-2016-3508.html

https://www.suse.com/security/cve/CVE-2016-3511.html

https://www.suse.com/security/cve/CVE-2016-3550.html

https://www.suse.com/security/cve/CVE-2016-3552.html

https://www.suse.com/security/cve/CVE-2016-3587.html

https://www.suse.com/security/cve/CVE-2016-3598.html

https://www.suse.com/security/cve/CVE-2016-3606.html

https://www.suse.com/security/cve/CVE-2016-3610.html

https://bugzilla.suse.com/984684

https://bugzilla.suse.com/987895

https://bugzilla.suse.com/988651

https://bugzilla.suse.com/989721

https://bugzilla.suse.com/989722

https://bugzilla.suse.com/989723

https://bugzilla.suse.com/989725

https://bugzilla.suse.com/989726

https://bugzilla.suse.com/989727

https://bugzilla.suse.com/989728

https://bugzilla.suse.com/989729

https://bugzilla.suse.com/989730

https://bugzilla.suse.com/989731

https://bugzilla.suse.com/989732

https://bugzilla.suse.com/989733

https://bugzilla.suse.com/989734

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×