openSUSE Security Update : OpenJDK7 (openSUSE-2016-982)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

Update to 2.6.7 - OpenJDK 7u111

- Security fixes

- S8079718, CVE-2016-3458: IIOP Input Stream Hooking

- S8145446, CVE-2016-3485: Perfect pipe placement (Windows
only) (bsc#989734)

- S8147771: Construction of static protection domains
under Javax custom policy

- S8148872, CVE-2016-3500: Complete name checking

- S8149962, CVE-2016-3508: Better delineation of XML
processing (bsc#989731)

- S8150752: Share Class Data

- S8151925: Font reference improvements

- S8152479, CVE-2016-3550: Coded byte streams (bsc#989733)

- S8155981, CVE-2016-3606: Bolster bytecode verification

- S8155985, CVE-2016-3598: Persistent Parameter Processing

- S8158571, CVE-2016-3610: Additional method handle
validation (bsc#989725)

- CVE-2016-3511 (bsc#989727)

- CVE-2016-3503 (bsc#989728)

- CVE-2016-3498 (bsc#989729)

See also :

Solution :

Update the affected OpenJDK7 packages.

Risk factor :

High / CVSS Base Score : 9.3

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now