{"affected":[{"ecosystem_specific":{"binaries":[{"java-1_8_0-openjdk":"1.8.0.171-27.19.1","java-1_8_0-openjdk-demo":"1.8.0.171-27.19.1","java-1_8_0-openjdk-devel":"1.8.0.171-27.19.1","java-1_8_0-openjdk-headless":"1.8.0.171-27.19.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","name":"java-1_8_0-openjdk","purl":"pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.8.0.171-27.19.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for java-1_8_0-openjdk to version 8u171 fixes the following issues:\n\nThese security issues were fixed:\n\n- S8180881: Better packaging of deserialization\n- S8182362: Update CipherOutputStream Usage\n- S8183032: Upgrade to LittleCMS 2.9\n- S8189123: More consistent classloading\n- S8189969, CVE-2018-2790, bsc#1090023: Manifest better manifest entries\n- S8189977, CVE-2018-2795, bsc#1090025: Improve permission portability\n- S8189981, CVE-2018-2796, bsc#1090026: Improve queuing portability\n- S8189985, CVE-2018-2797, bsc#1090027: Improve tabular data portability\n- S8189989, CVE-2018-2798, bsc#1090028: Improve container portability\n- S8189993, CVE-2018-2799, bsc#1090029: Improve document portability\n- S8189997, CVE-2018-2794, bsc#1090024: Enhance keystore mechanisms\n- S8190478: Improved interface method selection\n- S8190877: Better handling of abstract classes\n- S8191696: Better mouse positioning\n- S8192025, CVE-2018-2814, bsc#1090032: Less referential references\n- S8192030: Better MTSchema support\n- S8192757, CVE-2018-2815, bsc#1090033: Improve stub classes implementation\n- S8193409: Improve AES supporting classes\n- S8193414: Improvements in MethodType lookups\n- S8193833, CVE-2018-2800, bsc#1090030: Better RMI connection support\n\nFor other changes please consult the changelog.\n","id":"SUSE-SU-2018:1690-2","modified":"2018-10-18T12:46:20Z","published":"2018-10-18T12:46:20Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20181690-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087066"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090023"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090024"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090025"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090026"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090027"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090028"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090029"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090030"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090032"},{"type":"REPORT","url":"https://bugzilla.suse.com/1090033"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2790"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2794"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2795"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2796"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2797"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2798"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2799"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2800"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2814"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-2815"}],"related":["CVE-2018-2790","CVE-2018-2794","CVE-2018-2795","CVE-2018-2796","CVE-2018-2797","CVE-2018-2798","CVE-2018-2799","CVE-2018-2800","CVE-2018-2814","CVE-2018-2815"],"summary":"Security update for java-1_8_0-openjdk","upstream":["CVE-2018-2790","CVE-2018-2794","CVE-2018-2795","CVE-2018-2796","CVE-2018-2797","CVE-2018-2798","CVE-2018-2799","CVE-2018-2800","CVE-2018-2814","CVE-2018-2815"]}