openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)

critical Nessus Plugin ID 80046

Synopsis

The remote openSUSE host is missing a security update.

Description

This openjdk update fixes the following security and non security issues :

- Upgrade to 2.4.8 (bnc#887530)

- Changed back from gzipped tarball to xz

- Changed the keyring file to add Andrew John Hughes that signed the icedtea package

- Change ZERO to AARCH64 tarball

- Removed patches :

- gstackbounds.patch

- java-1.7.0-openjdk-ppc-zero-jdk.patch

- java-1.7.0-openjdk-ppc-zero-hotspot.patch

- Integrated in upstream icedtea

- java-1.7.0-openjdk-makefiles-zero.patch

- Does not apply on the AARCH64 tarball, since the change from DEFAULT and ZERO tarball to DEFAULT and AARCH64

- Upstream changes since 2.4.4 :

- Security fixes

- S8029755, CVE-2014-4209: Enhance subject class

- S8030763: Validate global memory allocation

- S8031340, CVE-2014-4264: Better TLS/EC management

- S8031346, CVE-2014-4244: Enhance RSA key handling

- S8031540: Introduce document horizon

- S8032536: JVM resolves wrong method in some unusual cases

- S8033055: Issues in 2d

- S8033301, CVE-2014-4266: Build more informative InfoBuilder

- S8034267: Probabilistic native crash

- S8034272: Do not cram data into CRAM arrays

- S8034985, CVE-2014-2483: Better form for Lambda Forms

- S8035004, CVE-2014-4252: Provider provides less service

- S8035009, CVE-2014-4218: Make Proxy representations consistent

- S8035119, CVE-2014-4219: Fix exceptions to bytecode verification

- S8035699, CVE-2014-4268: File choosers should be choosier

- S8035788. CVE-2014-4221: Provide more consistency for lookups

- S8035793, CVE-2014-4223: Maximum arity maxed out

- S8036571: (process) Process process arguments carefully

- S8036800: Attribute OOM to correct part of code

- S8037046: Validate libraries to be loaded

- S8037076, CVE-2014-2490: Check constant pool constants

- S8037157: Verify <init> call

- S8037162, CVE-2014-4263: More robust DH exchanges

- S8037167, CVE-2014-4216: Better method signature resolution

- S8039520, CVE-2014-4262: More atomicity of atomic updates

- S8023046: Enhance splashscreen support

- S8025005: Enhance CORBA initializations

- S8025010, CVE-2014-2412: Enhance AWT contexts

- S8025030, CVE-2014-2414: Enhance stream handling

- S8025152, CVE-2014-0458: Enhance activation set up

- S8026067: Enhance signed jar verification

- S8026163, CVE-2014-2427: Enhance media provisioning

- S8026188, CVE-2014-2423: Enhance envelope factory

- S8026200: Enhance RowSet Factory

- S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling

- S8026736, CVE-2014-2398: Enhance Javadoc pages

- S8026797, CVE-2014-0451: Enhance data transfers

- S8026801, CVE-2014-0452: Enhance endpoint addressing

- S8027766, CVE-2014-0453: Enhance RSA processing

- S8027775: Enhance ICU code.

- S8027841, CVE-2014-0429: Enhance pixel manipulations

- S8028385: Enhance RowSet Factory

- S8029282, CVE-2014-2403: Enhance CharInfo set up

- S8029286: Enhance subject delegation

- S8029699: Update Poller demo

- S8029730: Improve audio device additions

- S8029735: Enhance service mgmt natives

- S8029740, CVE-2014-0446: Enhance handling of loggers

- S8029745, CVE-2014-0454: Enhance algorithm checking

- S8029750: Enhance LCMS color processing (in-tree LCMS)

- S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg)

- S8029844, CVE-2014-0455: Enhance argument validation

- S8029854, CVE-2014-2421: Enhance JPEG decodings

- S8029858, CVE-2014-0456: Enhance array copies

- S8030731, CVE-2014-0460: Improve name service robustness

- S8031330: Refactor ObjectFactory

- S8031335, CVE-2014-0459: Better color profiling (in-tree LCMS)

- S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng)

- S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader

- S8031395: Enhance LDAP processing

- S8032686, CVE-2014-2413: Issues with method invoke

- S8033618, CVE-2014-1876: Correct logging output

- S8034926, CVE-2014-2397: Attribute classes properly

- S8036794, CVE-2014-0461: Manage JavaScript instances

- Backports

- S5049299: (process) Use posix_spawn, not fork, on S10 to avoid swap exhaustion

- S6571600: JNI use results in UnsatisfiedLinkError looking for libmawt.so

- S7131153: GetDC called way too many times - causes bad performance.

- S7190349: [macosx] Text (Label) is incorrectly drawn with a rotated g2d

- S8001108: an attempt to use '<init>' as a method name should elicit NoSuchMethodException

- S8001109: arity mismatch on a call to spreader method handle should elicit IllegalArgumentException

- S8008118: (process) Possible NULL pointer dereference in jdk/src/solaris/native/java/lang/UNIXProcess_md.c

- S8013611: Modal dialog fails to obtain keyboard focus

- S8013809: deadlock in SSLSocketImpl between between write and close

- S8013836: getFirstDayOfWeek reports wrong day for pt-BR locale

- S8014460: Need to check for non-empty EXT_LIBS_PATH before using it

- S8019853: Break logging and AWT circular dependency

- S8019990: IM candidate window appears on the South-East corner of the display.

- S8020191: System.getProperty('os.name') returns 'Windows NT (unknown)' on Windows 8.1

- S8022452: Hotspot needs to know about Windows 8.1 and Windows Server 2012 R2

- S8023990: Regression: postscript size increase from 6u18

- S8024283: 10 nashorn tests fail with similar stack trace InternalError with cause being NoClassDefFoundError

- S8024616: JSR292: lazily initialize core NamedFunctions used for bootstrapping

- S8024648: 7141246 & 8016131 break Zero port (AArch64 only)

- S8024830: SEGV in org.apache.lucene.codecs.compressing.CompressingTermVect orsReader.get

- S8025588: [macosx] Frozen AppKit thread in 7u40

- S8026404: Logging in Applet can trigger ACE: access denied ('java.lang.RuntimePermission' 'modifyThreadGroup')

- S8026705: [TEST_BUG] java/beans/Introspector/TestTypeResolver.java failed

- S8027196: Increment minor version of HSx for 7u55 and initialize the build number

- S8027212:
java/nio/channels/Selector/SelectAfterRead.java fails intermittently

- S8028285: RMI Thread can no longer call out to AWT

- S8029177: [Parfait] warnings from b117 for jdk.src.share.native.com.sun.java.util.jar: JNI exception pending

- S8030655: Regression: 14_01 Security fix 8024306 causes test failures

- S8030813: Signed applet fails to load when CRLs are stored in an LDAP directory

- S8030822: (tz) Support tzdata2013i

- S8031050: (thread) Change Thread initialization so that thread name is set before invoking SecurityManager

- S8031075: [Regression] focus disappears with shift+tab on dialog having one focus component

- S8031462: Fonts with morx tables are broken with latest ICU fixes

- S8032585: JSR292: IllegalAccessError when attempting to invoke protected method from different package

- S8032740: Need to create SE Embedded Source Bundles in 7 Release

- S8033278: Missed access checks for Lookup.unreflect* after 8032585

- S8034772: JDK-8028795 brought a specification change to 7u55 release and caused JCK7 signature test failure

- S8035283: Second phase of branch shortening doesn't account for loop alignment

- S8035613: With active Securitymanager JAXBContext.newInstance fails

- S8035618: Four api/org_omg/CORBA TCK tests fail under plugin only

- S8036147: Increment hsx 24.55 build to b02 for 7u55-b11

- S8036786: Update jdk7 testlibrary to match jdk8

- S8036837: Increment hsx 24.55 build to b03 for 7u55-b12

- S8037012: (tz) Support tzdata2014a

- S8038306: (tz) Support tzdata2014b

- S8038392: Generating prelink cache breaks JAVA 'jinfo' utility normal behavior

- S8042264: 7u65 l10n resource file translation update 1

- S8042582: Test java/awt/KeyboardFocusmanager/ChangeKFMTest/ChangeKFMTes t.html fails on Windows x64

- S8042590: Running form URL throws NPE

- S8042789: org.omg.CORBA.ORBSingletonClass loading no longer uses context class loader

- S8043012: (tz) Support tzdata2014c

- S8004145: New improved hgforest.sh, ctrl-c now properly terminates mercurial processes.

- S8007625: race with nested repos in /common/bin/hgforest.sh

- S8011178: improve common/bin/hgforest.sh python detection (MacOS)

- S8011342: hgforest.sh : 'python --version' not supported on older python

- S8011350: hgforest.sh uses non-POSIX sh features that may fail with some shells

- S8024200: handle hg wrapper with space after #!

- S8025796: hgforest.sh could trigger unbuffered output from hg without complicated machinations

- S8028388: 9 jaxws tests failed in nightly build with java.lang.ClassCastException

- S8031477: [macosx] Loading AWT native library fails

- S8032370: No 'Truncated file' warning from IIOReadWarningListener on JPEGImageReader

- S8035834: InetAddress.getLocalHost() can hang after JDK-8030731 was fixed

- S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193

- S8035893: JVM_GetVersionInfo fails to zero structure

- Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.

- S8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions

- S8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option

- S8022868: missing codepage Cp290 at java runtime

- S8023310: Thread contention in the method Beans.IsDesignTime()

- S8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test

- S8025679: Increment minor version of HSx for 7u51 and initialize the build number

- S8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris

- S8026304: jarsigner output bad grammar

- S8026772:
test/sun/util/resources/TimeZone/Bug6317929.java failing

- S8026887: Make issues due to failed large pages allocations easier to debug

- S8027204: Revise the update of 8026204 and 8025758

- S8027224: test regression - ClassNotFoundException

- S8027370: Support tzdata2013h

- S8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04

- S8027787: 7u51 l10n resource file translation update 1

- S8027837: JDK-8021257 causes CORBA build failure on emdedded platforms

- S8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHa ndlerImpl changed in 7u45

- S8027944: Increment hsx 24.51 build to b02 for 7u51-b07

- S8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications

- S8028090: reverting change - changeset pushed with incorrect commit message, linked to wrong issue

- S8028111: XML readers share the same entity expansion counter

- S8028215: ORB.init fails with SecurityException if properties select the JDK default ORB

- S8028293: Check local configuration for actual ephemeral port range

- S8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147

- S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win)

- S8028823: java/net/Makefile tabs converted to spaces

- S8029038: Revise fix for XML readers share the same entity expansion counter

- S8029842: Increment hsx 24.51 build to b03 for 7u51-b11

- Bug fixes

- Fix accidental reversion of PR1188 for armel

- PR1781: NSS PKCS11 provider fails to handle multipart AES encryption

- PR1830: Drop version requirement for LCMS 2

- PR1833, RH1022017: Report elliptic curves supported by NSS, not the SunEC library

- RH905128: [CRASH] OpenJDK-1.7.0 while using NSS security provider and kerberos

- PR1393: JPEG support in build is broken on non-system-libjpeg builds

- PR1726: configure fails looking for ecj.jar before even trying to find javac

- Red Hat local: Fix for repo with path statting with / .

- Remove unused hgforest script

- PR1101: Undefined symbols on GNU/Linux SPARC

- PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set

- PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools

- PR1679: Allow OpenJDK to build on PaX-enabled kernels

- PR1684: Build fails with empty PAX_COMMAND

- RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)

- Link against $(LIBDL) if SYSTEM_CUPS is not true

- Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled.

- Fix broken bootstrap build by updating ecj-multicatch.patch

- PR1653: Support ppc64le via Zero

- PR1654: ppc32 needs a larger ThreadStackSize to build

- RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError

- RH910107: fail to load PC/SC library

- ARM32 port

- Add arm_port from IcedTea 6

- Add patches/arm.patch from IcedTea 6

- Add patches/arm-debug.patch from IcedTea 6

- Add patches/arm-hsdis.patch from IcedTea 6

- added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler

- Adjust saved SP when safepointing.

- First cut of invokedynamic

- Fix trashed thread ptr after recursive re-entry from asm JIT.

- JIT-compilation of ldc methodHandle

- Rename a bunch of misleadingly-named functions

- Changes for HSX22

- Rename a bunch of misleadingly-named functions

- Patched method handle adapter code to deal with failures in TCK

- Phase 1

- Phase 2

- RTC Thumb2 JIT enhancements.

- Zero fails to build in hsx22+, fix for hsx22 after runs gamma OK, hsx23 still nogo.

- Use ldrexd for atomic reads on ARMv7.

- Use unified syntax for thumb code.

- Corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2

- Don't save locals at a return.

- Fix call to handle_special_method(). Fix compareAndSwapLong.

- Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.source Changed

- invokedynamic and aldc for JIT

- Modified safepoint check to rely on memory protect signal instead of polling

- Minor review cleanups.

- PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel

- PR1363: Fedora 19 / rawhide FTBFS SIGILL

- Changes for HSX23

- Remove fragment from method that has been removed

- Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make.

- Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags

- Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present.

- Override automatic detection of source language for bytecodes_arm.def

- Include $(CFLAGS) in assembler stage

- PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.

- Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.

- Turn ARM32 JIT on by default

- AArch64 port

- AArch64 C2 instruct for smull

- Add a constructor as a conversion from Register - RegSet. Use it.

- Add RegSet::operator+=.

- Add support for a few simple intrinsics

- Add support for builtin crc32 instructions

- Add support for CRC32 intrinsic

- Add support for Neon implementation of CRC32

- All address constants are 48 bits in size.

- C1: Fix offset overflow when profiling.

- Common frame handling for C1/C2 which correctly handle all frame sizes

- Correct costs for operations with shifts.

- Correct OptoAssembly for prologs and epilogs.

- Delete useless instruction.

- Don't use any form of _call_VM_leaf when we're calling a stub.

- Fast string comparison

- Fast String.equals()

- Fix a tonne of bogus comments.

- Fix biased locking and enable as default

- Fix instruction size from 8 to 4

- Fix opto assembly for shifts.

- Fix register misuse in verify_method_data_pointer

- Fix register usage in generate_verify_oop().

- Implement various locked memory operations.

- Improve C1 performance improvements in ic_cache checks

- Improve code generation for pop(), as suggested by Edward Nevill.

- Improvements to safepoint polling

- Make code entry alignment 64 for C2

- Minor optimisation for divide by 2

- New cost model for instruction selection.

- Offsets in lookupswitch instructions should be signed.

- Optimise addressing of card table byte map base

- Optimise C2 entry point verification

- Optimise long divide by 2

- Performance improvement and ease of use changes pulled from upstream

- Preserve callee save FP registers around call to java code

- Remove obsolete C1 patching code.

- Remove special-case handling of division arguments.
AArch64 doesn't need it.

- Remove unnecessary memory barriers around CAS operations

- Restore sp from sender sp, r13 in crc32 code

- Restrict default ReservedCodeCacheSize to 128M

- Rewrite CAS operations to be more conservative

- Save intermediate state before removing C1 patching code.

- Tidy up register usage in push/pop instructions.

- Tidy up stack frame handling.

- Use 2- and 3-instruction immediate form of movoop and mov_metadata in C2-generated code.

- Use an explicit set of registers rather than a bitmap for psh and pop operations.

- Use explicit barrier instructions in C1.

- Use gcc __clear_cache instead of doing it ourselves

- PR1713: Support AArch64 Port

- Shark

- Add Shark definitions from 8003868

- Drop compile_method argument removed in 7083786 from sharkCompiler.cpp

Solution

Update the affected java-1_7_0-openjdk packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=887530

https://lists.opensuse.org/opensuse-updates/2014-12/msg00056.html

Plugin Details

Severity: Critical

ID: 80046

File Name: openSUSE-2014-773.nasl

Version: 1.6

Type: local

Agent: unix

Published: 12/16/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:java-1_7_0-openjdk, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-accessibility, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debuginfo, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debugsource, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo-debuginfo, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel-debuginfo, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless-debuginfo, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-javadoc, p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-src, cpe:/o:novell:opensuse:13.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 12/3/2014

Reference Information

CVE: CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2397, CVE-2014-2398, CVE-2014-2402, CVE-2014-2403, CVE-2014-2412, CVE-2014-2413, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2483, CVE-2014-2490, CVE-2014-4209, CVE-2014-4216, CVE-2014-4218, CVE-2014-4219, CVE-2014-4221, CVE-2014-4223, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4264, CVE-2014-4266, CVE-2014-4268