A java-1_8_0-openj9 security update has been released for openSUSE Leap 15.2.

security-announce: openSUSE-SU-2020:1893-1: important: Security update for java-1_8_0-openj9

openSUSE Security Update: Security update for java-1_8_0-openj9
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1893-1
Rating: important
References: #1174157 #1177943
Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578
CVE-2020-14579 CVE-2020-14581 CVE-2020-14583
CVE-2020-14593 CVE-2020-14621 CVE-2020-14779
CVE-2020-14781 CVE-2020-14782 CVE-2020-14792
CVE-2020-14796 CVE-2020-14797 CVE-2020-14798
CVE-2020-14803
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes 16 vulnerabilities is now available.

Description:

This update for java-1_8_0-openj9 fixes the following issues:

-OpenJDK was updated to 8u2732 build 10 with OpenJ9 0.23.0 virtual machine
-includes Oracle July 2020 (bsc#1174157) and October 2020 CPU
(bsc#1177943)
- CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579,
CVE-2020-14581, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621,
CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792,
CVE-2020-14796, CVE-2020-14797, CVE-2020-14798 and CVE-2020-14803

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1893=1


Package List:

- openSUSE Leap 15.2 (x86_64):

java-1_8_0-openj9-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-accessibility-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-debuginfo-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-debugsource-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-demo-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-demo-debuginfo-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-devel-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-headless-1.8.0.272-lp152.3.3.1
java-1_8_0-openj9-src-1.8.0.272-lp152.3.3.1

- openSUSE Leap 15.2 (noarch):

java-1_8_0-openj9-javadoc-1.8.0.272-lp152.3.3.1

References:

  https://www.suse.com/security/cve/CVE-2020-14556.html
  https://www.suse.com/security/cve/CVE-2020-14577.html
  https://www.suse.com/security/cve/CVE-2020-14578.html
  https://www.suse.com/security/cve/CVE-2020-14579.html
  https://www.suse.com/security/cve/CVE-2020-14581.html
  https://www.suse.com/security/cve/CVE-2020-14583.html
  https://www.suse.com/security/cve/CVE-2020-14593.html
  https://www.suse.com/security/cve/CVE-2020-14621.html
  https://www.suse.com/security/cve/CVE-2020-14779.html
  https://www.suse.com/security/cve/CVE-2020-14781.html
  https://www.suse.com/security/cve/CVE-2020-14782.html
  https://www.suse.com/security/cve/CVE-2020-14792.html
  https://www.suse.com/security/cve/CVE-2020-14796.html
  https://www.suse.com/security/cve/CVE-2020-14797.html
  https://www.suse.com/security/cve/CVE-2020-14798.html
  https://www.suse.com/security/cve/CVE-2020-14803.html
  https://bugzilla.suse.com/1174157
  https://bugzilla.suse.com/1177943