SuSE 11.2 Security Update : OpenJDK 1.6 (SAT Patch Number 8598)

critical Nessus Plugin ID 71171

VPR Score: 6

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

OpenJDK 1.6 was updated to the new IcedTea release 1.12.7, which includes many fixes for bugs and security issues:

- S8006900, CVE-2013-3829: Add new date/time capability

- S8008589: Better MBean permission validation

- S8011071, CVE-2013-5780: Better crypto provider handling

- S8011081, CVE-2013-5772: Improve jhat

- S8011157, CVE-2013-5814: Improve CORBA portability

- S8012071, CVE-2013-5790: Better Building of Beans

- S8012147: Improve tool support

- S8012277, CVE-2013-5849: Improve AWT DataFlavor

- S8012425, CVE-2013-5802: Transform TransformerFactory

- S8013503, CVE-2013-5851: Improve stream factories

- S8013506: Better Pack200 data handling

- S8013510, CVE-2013-5809: Augment image writing code

- S8013514: Improve stability of cmap class

- S8013739, CVE-2013-5817: Better LDAP resource management

- S8013744, CVE-2013-5783: Better tabling for AWT

- S8014085: Better serialization support in JMX classes

- S8014093, CVE-2013-5782: Improve parsing of images

- S8014102, CVE-2013-5778: Improve image conversion

- S8014341, CVE-2013-5803: Better service from Kerberos servers

- S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations

- S8014530, CVE-2013-5825: Better digital signature processing

- S8014534: Better profiling support

- S8014987, CVE-2013-5842: Augment serialization handling

- S8015614: Update build settings

- S8015731: Subject java.security.auth.subject to improvements

- S8015743, CVE-2013-5774: Address internet addresses

- S8016256: Make finalization final

- S8016653, CVE-2013-5804: javadoc should ignore ignorable characters in names

- S8016675, CVE-2013-5797: Make Javadoc pages more robust

- S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately

- S8017287, CVE-2013-5829: Better resource disposal

- S8017291, CVE-2013-5830: Cast Proxies Aside

- S8017298, CVE-2013-4002: Better XML support

- S8017300, CVE-2013-5784: Improve Interface Implementation

- S8017505, CVE-2013-5820: Better Client Service

- S8019292: Better Attribute Value Exceptions

- S8019617: Better view of objects

- S8020293: JVM crash

- S8021290, CVE-2013-5823: Better signature validation

- S8022940: Enhance CORBA translations

- S8023683: Enhance class file parsing

Solution

Apply SAT patch number 8598.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=852367

http://support.novell.com/security/cve/CVE-2013-3829.html

http://support.novell.com/security/cve/CVE-2013-4002.html

http://support.novell.com/security/cve/CVE-2013-5772.html

http://support.novell.com/security/cve/CVE-2013-5774.html

http://support.novell.com/security/cve/CVE-2013-5778.html

http://support.novell.com/security/cve/CVE-2013-5780.html

http://support.novell.com/security/cve/CVE-2013-5782.html

http://support.novell.com/security/cve/CVE-2013-5783.html

http://support.novell.com/security/cve/CVE-2013-5784.html

http://support.novell.com/security/cve/CVE-2013-5790.html

http://support.novell.com/security/cve/CVE-2013-5797.html

http://support.novell.com/security/cve/CVE-2013-5802.html

http://support.novell.com/security/cve/CVE-2013-5803.html

http://support.novell.com/security/cve/CVE-2013-5804.html

http://support.novell.com/security/cve/CVE-2013-5809.html

http://support.novell.com/security/cve/CVE-2013-5814.html

http://support.novell.com/security/cve/CVE-2013-5817.html

http://support.novell.com/security/cve/CVE-2013-5820.html

http://support.novell.com/security/cve/CVE-2013-5823.html

http://support.novell.com/security/cve/CVE-2013-5825.html

http://support.novell.com/security/cve/CVE-2013-5829.html

http://support.novell.com/security/cve/CVE-2013-5830.html

http://support.novell.com/security/cve/CVE-2013-5840.html

http://support.novell.com/security/cve/CVE-2013-5842.html

http://support.novell.com/security/cve/CVE-2013-5849.html

http://support.novell.com/security/cve/CVE-2013-5850.html

http://support.novell.com/security/cve/CVE-2013-5851.html

Plugin Details

Severity: Critical

ID: 71171

File Name: suse_11_java-1_6_0-openjdk-131129.nasl

Version: 1.3

Type: local

Agent: unix

Published: 12/3/2013

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: Critical

VPR Score: 6

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk, p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk-demo, p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk-devel, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 11/29/2013

Reference Information

CVE: CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5790, CVE-2013-5797, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5814, CVE-2013-5817, CVE-2013-5820, CVE-2013-5823, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5840, CVE-2013-5842, CVE-2013-5849, CVE-2013-5850, CVE-2013-5851