SUSE alert SUSE-SU-2013:1666-1 (OpenJDK 7)


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-security-announce@opensuse.org 
Subject:
    	       [security-announce] SUSE-SU-2013:1666-1: important: Security update for OpenJDK 7 
Date:
    	       Wed, 13 Nov 2013 15:04:17 +0100 (CET)
Message-ID:
    	       <20131113140417.E850332402@maintenance.suse.de>

   SUSE Security Update: Security update for OpenJDK 7
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:1666-1
Rating:             important
References:         #846999 
Cross-References:   CVE-2013-3829 CVE-2013-4002 CVE-2013-5772
                    CVE-2013-5774 CVE-2013-5778 CVE-2013-5780
                    CVE-2013-5782 CVE-2013-5783 CVE-2013-5784
                    CVE-2013-5790 CVE-2013-5797 CVE-2013-5800
                    CVE-2013-5802 CVE-2013-5803 CVE-2013-5804
                    CVE-2013-5805 CVE-2013-5806 CVE-2013-5809
                    CVE-2013-5814 CVE-2013-5817 CVE-2013-5820
                    CVE-2013-5823 CVE-2013-5825 CVE-2013-5829
                    CVE-2013-5830 CVE-2013-5840 CVE-2013-5842
                    CVE-2013-5849 CVE-2013-5850 CVE-2013-5851
                   
Affected Products:
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that fixes 30 vulnerabilities is now available.

Description:


   This release updates our OpenJDK 7 support in the 2.4.x
   series with a  number of security fixes and synchronises it
   with upstream development. The  security issues fixed (a
   long list) can be found in the following link:

   http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-O
   ctober/025087.html
   <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-
   October/025087.html>

   Security Issue references:

   * CVE-2013-3829
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829
   >
   * CVE-2013-5780
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780
   >
   * CVE-2013-5772
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
   >
   * CVE-2013-5814
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814
   >
   * CVE-2013-5790
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790
   >
   * CVE-2013-5849
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849
   >
   * CVE-2013-5802
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
   >
   * CVE-2013-5851
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5851
   >
   * CVE-2013-5809
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809
   >
   * CVE-2013-5817
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817
   >
   * CVE-2013-5783
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783
   >
   * CVE-2013-5782
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782
   >
   * CVE-2013-5778
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778
   >
   * CVE-2013-5803
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803
   >
   * CVE-2013-5840
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840
   >
   * CVE-2013-5825
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825
   >
   * CVE-2013-5842
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842
   >
   * CVE-2013-5774
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774
   >
   * CVE-2013-5804
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804
   >
   * CVE-2013-5797
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797
   >
   * CVE-2013-5850
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850
   >
   * CVE-2013-5829
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829
   >
   * CVE-2013-5830
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830
   >
   * CVE-2013-4002
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002
   >
   * CVE-2013-5784
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784
   >
   * CVE-2013-5820
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820
   >
   * CVE-2013-5805
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5805
   >
   * CVE-2013-5806
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5806
   >
   * CVE-2013-5823
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823
   >
   * CVE-2013-5800
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5800
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-java-1_7_0-openjdk-8494

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):

      java-1_7_0-openjdk-1.7.0.6-0.21.1
      java-1_7_0-openjdk-demo-1.7.0.6-0.21.1
      java-1_7_0-openjdk-devel-1.7.0.6-0.21.1


References:

   http://support.novell.com/security/cve/CVE-2013-3829.html
   http://support.novell.com/security/cve/CVE-2013-4002.html
   http://support.novell.com/security/cve/CVE-2013-5772.html
   http://support.novell.com/security/cve/CVE-2013-5774.html
   http://support.novell.com/security/cve/CVE-2013-5778.html
   http://support.novell.com/security/cve/CVE-2013-5780.html
   http://support.novell.com/security/cve/CVE-2013-5782.html
   http://support.novell.com/security/cve/CVE-2013-5783.html
   http://support.novell.com/security/cve/CVE-2013-5784.html
   http://support.novell.com/security/cve/CVE-2013-5790.html
   http://support.novell.com/security/cve/CVE-2013-5797.html
   http://support.novell.com/security/cve/CVE-2013-5800.html
   http://support.novell.com/security/cve/CVE-2013-5802.html
   http://support.novell.com/security/cve/CVE-2013-5803.html
   http://support.novell.com/security/cve/CVE-2013-5804.html
   http://support.novell.com/security/cve/CVE-2013-5805.html
   http://support.novell.com/security/cve/CVE-2013-5806.html
   http://support.novell.com/security/cve/CVE-2013-5809.html
   http://support.novell.com/security/cve/CVE-2013-5814.html
   http://support.novell.com/security/cve/CVE-2013-5817.html
   http://support.novell.com/security/cve/CVE-2013-5820.html
   http://support.novell.com/security/cve/CVE-2013-5823.html
   http://support.novell.com/security/cve/CVE-2013-5825.html
   http://support.novell.com/security/cve/CVE-2013-5829.html
   http://support.novell.com/security/cve/CVE-2013-5830.html
   http://support.novell.com/security/cve/CVE-2013-5840.html
   http://support.novell.com/security/cve/CVE-2013-5842.html
   http://support.novell.com/security/cve/CVE-2013-5849.html
   http://support.novell.com/security/cve/CVE-2013-5850.html
   http://support.novell.com/security/cve/CVE-2013-5851.html
   https://bugzilla.novell.com/846999
   http://download.novell.com/patch/finder/?keywords=41b2667...

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
From:		opensuse-security@opensuse.org
To:		opensuse-security-announce@opensuse.org
Subject:		[security-announce] SUSE-SU-2013:1666-1: important: Security update for OpenJDK 7
Date:		Wed, 13 Nov 2013 15:04:17 +0100 (CET)
Message-ID:		<20131113140417.E850332402@maintenance.suse.de>