New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 8.1
SynopsisThe remote SUSE host is missing one or more security updates.
DescriptionThis update for java-1_7_0-openjdk to version 7u181 fixes the following issues :
S8162488: JDK should be updated to use LittleCMS 2.8
S8180881: Better packaging of deserialization
S8182362: Update CipherOutputStream Usage
S8183032: Upgrade to LittleCMS 2.9
S8189123: More consistent classloading
S8190478: Improved interface method selection
S8190877: Better handling of abstract classes
S8191696: Better mouse positioning
S8192030: Better MTSchema support
S8193409: Improve AES supporting classes
S8193414: Improvements in MethodType lookups
S8189969, CVE-2018-2790, bsc#1090023: Manifest better manifest entries
S8189977, CVE-2018-2795, bsc#1090025: Improve permission portability
S8189981, CVE-2018-2796, bsc#1090026: Improve queuing portability
S8189985, CVE-2018-2797, bsc#1090027: Improve tabular data portability
S8189989, CVE-2018-2798, bsc#1090028: Improve container portability
S8189993, CVE-2018-2799, bsc#1090029: Improve document portability
S8189997, CVE-2018-2794, bsc#1090024: Enhance keystore mechanisms
S8192025, CVE-2018-2814, bsc#1090032: Less referential references
S8192757, CVE-2018-2815, bsc#1090033: Improve stub classes implementation
S8193833, CVE-2018-2800, bsc#1090030: Better RMI connection support
For additional changes please consult the changelog.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionTo install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-1135=1