{"affected":[{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-demo":"1.8.0.121-20.1","java-1_8_0-openjdk-devel":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-demo":"1.8.0.121-20.1","java-1_8_0-openjdk-devel":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-demo":"1.8.0.121-20.1","java-1_8_0-openjdk-devel":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-demo":"1.8.0.121-20.1","java-1_8_0-openjdk-devel":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.121-20.1","java-1_8_0-openjdk-demo":"1.8.0.121-20.1","java-1_8_0-openjdk-devel":"1.8.0.121-20.1","java-1_8_0-openjdk-headless":"1.8.0.121-20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.121-20.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for java-1_8_0-openjdk fixes the following issues:\nOracle Critical Patch Update of January 2017 (bsc#1020905)\nUpgrade to version jdk8u121 (icedtea 3.3.0):\n - S8138725: Add options for Javadoc generation\n - S8140353: Improve signature checking\n - S8151934, CVE-2017-3231: Resolve class resolution\n - S8156804, CVE-2017-3241: Better constraint checking\n - S8158406: Limited Parameter Processing\n - S8158997: JNDI Protocols Switch\n - S8159507: RuntimeVisibleAnnotation validation\n - S8161218: Better bytecode loading\n - S8161743, CVE-2017-3252: Provide proper login context\n - S8162577: Standardize logging levels\n - S8162973: Better component components\n - S8164143, CVE-2017-3260: Improve components for menu items\n - S8164147, CVE-2017-3261: Improve streaming socket output\n - S8165071, CVE-2016-2183: Expand TLS support\n - S8165344, CVE-2017-3272: Update concurrency support\n - S8166988, CVE-2017-3253: Improve image processing performance\n - S8167104, CVE-2017-3289: Additional class construction refinements\n - S8167223, CVE-2016-5552: URL handling improvements\n - S8168705, CVE-2016-5547: Better ObjectIdentifier validation\n - S8168714, CVE-2016-5546: Tighten ECDSA validation\n - S8168728, CVE-2016-5548: DSA signing improvements\n - S8168724, CVE-2016-5549: ECDSA signing improvements\n","id":"SUSE-SU-2017:0346-1","modified":"2017-01-31T16:25:20Z","published":"2017-01-31T16:25:20Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20170346-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1020905"},{"type":"REPORT","url":"https://bugzilla.suse.com/1022053"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2183"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5546"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5547"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5548"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5549"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5552"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3231"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3241"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3252"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3253"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3260"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3261"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3272"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3289"}],"related":["CVE-2016-2183","CVE-2016-5546","CVE-2016-5547","CVE-2016-5548","CVE-2016-5549","CVE-2016-5552","CVE-2017-3231","CVE-2017-3241","CVE-2017-3252","CVE-2017-3253","CVE-2017-3260","CVE-2017-3261","CVE-2017-3272","CVE-2017-3289"],"summary":"Security update for java-1_8_0-openjdk","upstream":["CVE-2016-2183","CVE-2016-5546","CVE-2016-5547","CVE-2016-5548","CVE-2016-5549","CVE-2016-5552","CVE-2017-3231","CVE-2017-3241","CVE-2017-3252","CVE-2017-3253","CVE-2017-3260","CVE-2017-3261","CVE-2017-3272","CVE-2017-3289"]}