{"affected":[{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 6","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20OpenStack%20Cloud%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP3","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1-LTSS","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.161-27.13.1","java-1_8_0-openjdk-demo":"1.8.0.161-27.13.1","java-1_8_0-openjdk-devel":"1.8.0.161-27.13.1","java-1_8_0-openjdk-headless":"1.8.0.161-27.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.161-27.13.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for java-1_8_0-openjdk fixes the following issues:\n\nSecurity issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366):\n\n- CVE-2018-2579: Improve key keying case\n- CVE-2018-2582: Better interface invocations\n- CVE-2018-2588: Improve LDAP logins\n- CVE-2018-2599: Improve reliability of DNS lookups\n- CVE-2018-2602: Improve usage messages\n- CVE-2018-2603: Improve PKCS usage\n- CVE-2018-2618: Stricter key generation\n- CVE-2018-2629: Improve GSS handling\n- CVE-2018-2633: Improve LDAP lookup robustness\n- CVE-2018-2634: Improve property negotiations\n- CVE-2018-2637: Improve JMX supportive features\n- CVE-2018-2641: Improve GTK initialization\n- CVE-2018-2663: More refactoring for deserialization cases\n- CVE-2018-2677: More refactoring for client deserialization cases\n- CVE-2018-2678: More refactoring for naming deserialization cases\n","id":"SUSE-SU-2018:0663-1","modified":"2018-03-12T12:18:36Z","published":"2018-03-12T12:18:36Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180663-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076366"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2579"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2582"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2588"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2599"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2602"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2603"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2618"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2629"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2633"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2634"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2637"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2641"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2663"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2677"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2678"}],"related":["CVE-2018-2579","CVE-2018-2582","CVE-2018-2588","CVE-2018-2599","CVE-2018-2602","CVE-2018-2603","CVE-2018-2618","CVE-2018-2629","CVE-2018-2633","CVE-2018-2634","CVE-2018-2637","CVE-2018-2641","CVE-2018-2663","CVE-2018-2677","CVE-2018-2678"],"summary":"Security update for java-1_8_0-openjdk","upstream":["CVE-2018-2579","CVE-2018-2582","CVE-2018-2588","CVE-2018-2599","CVE-2018-2602","CVE-2018-2603","CVE-2018-2618","CVE-2018-2629","CVE-2018-2633","CVE-2018-2634","CVE-2018-2637","CVE-2018-2641","CVE-2018-2663","CVE-2018-2677","CVE-2018-2678"]}