java-1_8_0-openjdk-1.8.0.111-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10197-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z java-1_8_0-openjdk-1.8.0.111-1.1 on GA media These are all security issues fixed in the java-1_8_0-openjdk-1.8.0.111-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10197 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2015-2590/ SUSE CVE CVE-2015-2590 page https://www.suse.com/security/cve/CVE-2015-2597/ SUSE CVE CVE-2015-2597 page https://www.suse.com/security/cve/CVE-2015-2601/ SUSE CVE CVE-2015-2601 page https://www.suse.com/security/cve/CVE-2015-2613/ SUSE CVE CVE-2015-2613 page https://www.suse.com/security/cve/CVE-2015-2619/ SUSE CVE CVE-2015-2619 page https://www.suse.com/security/cve/CVE-2015-2621/ SUSE CVE CVE-2015-2621 page https://www.suse.com/security/cve/CVE-2015-2625/ SUSE CVE CVE-2015-2625 page https://www.suse.com/security/cve/CVE-2015-2627/ SUSE CVE CVE-2015-2627 page https://www.suse.com/security/cve/CVE-2015-2628/ SUSE CVE CVE-2015-2628 page https://www.suse.com/security/cve/CVE-2015-2632/ SUSE CVE CVE-2015-2632 page https://www.suse.com/security/cve/CVE-2015-2637/ SUSE CVE CVE-2015-2637 page https://www.suse.com/security/cve/CVE-2015-2638/ SUSE CVE CVE-2015-2638 page https://www.suse.com/security/cve/CVE-2015-2659/ SUSE CVE CVE-2015-2659 page https://www.suse.com/security/cve/CVE-2015-2664/ SUSE CVE CVE-2015-2664 page https://www.suse.com/security/cve/CVE-2015-2808/ SUSE CVE CVE-2015-2808 page https://www.suse.com/security/cve/CVE-2015-4000/ SUSE CVE CVE-2015-4000 page https://www.suse.com/security/cve/CVE-2015-4729/ SUSE CVE CVE-2015-4729 page https://www.suse.com/security/cve/CVE-2015-4731/ SUSE CVE CVE-2015-4731 page https://www.suse.com/security/cve/CVE-2015-4732/ SUSE CVE CVE-2015-4732 page https://www.suse.com/security/cve/CVE-2015-4733/ SUSE CVE CVE-2015-4733 page https://www.suse.com/security/cve/CVE-2015-4734/ SUSE CVE CVE-2015-4734 page https://www.suse.com/security/cve/CVE-2015-4736/ SUSE CVE CVE-2015-4736 page https://www.suse.com/security/cve/CVE-2015-4748/ SUSE CVE CVE-2015-4748 page https://www.suse.com/security/cve/CVE-2015-4749/ SUSE CVE CVE-2015-4749 page https://www.suse.com/security/cve/CVE-2015-4760/ SUSE CVE CVE-2015-4760 page https://www.suse.com/security/cve/CVE-2015-4803/ SUSE CVE CVE-2015-4803 page https://www.suse.com/security/cve/CVE-2015-4805/ SUSE CVE CVE-2015-4805 page https://www.suse.com/security/cve/CVE-2015-4806/ SUSE CVE CVE-2015-4806 page https://www.suse.com/security/cve/CVE-2015-4810/ SUSE CVE CVE-2015-4810 page https://www.suse.com/security/cve/CVE-2015-4835/ SUSE CVE CVE-2015-4835 page https://www.suse.com/security/cve/CVE-2015-4840/ SUSE CVE CVE-2015-4840 page https://www.suse.com/security/cve/CVE-2015-4842/ SUSE CVE CVE-2015-4842 page https://www.suse.com/security/cve/CVE-2015-4843/ SUSE CVE CVE-2015-4843 page https://www.suse.com/security/cve/CVE-2015-4844/ SUSE CVE CVE-2015-4844 page https://www.suse.com/security/cve/CVE-2015-4860/ SUSE CVE CVE-2015-4860 page https://www.suse.com/security/cve/CVE-2015-4868/ SUSE CVE CVE-2015-4868 page https://www.suse.com/security/cve/CVE-2015-4872/ SUSE CVE CVE-2015-4872 page https://www.suse.com/security/cve/CVE-2015-4881/ SUSE CVE CVE-2015-4881 page https://www.suse.com/security/cve/CVE-2015-4882/ SUSE CVE CVE-2015-4882 page https://www.suse.com/security/cve/CVE-2015-4883/ SUSE CVE CVE-2015-4883 page https://www.suse.com/security/cve/CVE-2015-4893/ SUSE CVE CVE-2015-4893 page https://www.suse.com/security/cve/CVE-2015-4901/ SUSE CVE CVE-2015-4901 page https://www.suse.com/security/cve/CVE-2015-4902/ SUSE CVE CVE-2015-4902 page https://www.suse.com/security/cve/CVE-2015-4903/ SUSE CVE CVE-2015-4903 page https://www.suse.com/security/cve/CVE-2015-4906/ SUSE CVE CVE-2015-4906 page https://www.suse.com/security/cve/CVE-2015-4908/ SUSE CVE CVE-2015-4908 page https://www.suse.com/security/cve/CVE-2015-4911/ SUSE CVE CVE-2015-4911 page https://www.suse.com/security/cve/CVE-2015-4916/ SUSE CVE CVE-2015-4916 page https://www.suse.com/security/cve/CVE-2015-7575/ SUSE CVE CVE-2015-7575 page https://www.suse.com/security/cve/CVE-2015-8126/ SUSE CVE CVE-2015-8126 page https://www.suse.com/security/cve/CVE-2016-0402/ SUSE CVE CVE-2016-0402 page https://www.suse.com/security/cve/CVE-2016-0448/ SUSE CVE CVE-2016-0448 page https://www.suse.com/security/cve/CVE-2016-0466/ SUSE CVE CVE-2016-0466 page https://www.suse.com/security/cve/CVE-2016-0475/ SUSE CVE CVE-2016-0475 page https://www.suse.com/security/cve/CVE-2016-0483/ SUSE CVE CVE-2016-0483 page https://www.suse.com/security/cve/CVE-2016-0494/ SUSE CVE CVE-2016-0494 page https://www.suse.com/security/cve/CVE-2016-0636/ SUSE CVE CVE-2016-0636 page https://www.suse.com/security/cve/CVE-2016-0686/ SUSE CVE CVE-2016-0686 page https://www.suse.com/security/cve/CVE-2016-0687/ SUSE CVE CVE-2016-0687 page https://www.suse.com/security/cve/CVE-2016-0695/ SUSE CVE CVE-2016-0695 page https://www.suse.com/security/cve/CVE-2016-3425/ SUSE CVE CVE-2016-3425 page https://www.suse.com/security/cve/CVE-2016-3426/ SUSE CVE CVE-2016-3426 page https://www.suse.com/security/cve/CVE-2016-3427/ SUSE CVE CVE-2016-3427 page https://www.suse.com/security/cve/CVE-2016-3458/ SUSE CVE CVE-2016-3458 page https://www.suse.com/security/cve/CVE-2016-3485/ SUSE CVE CVE-2016-3485 page https://www.suse.com/security/cve/CVE-2016-3498/ SUSE CVE CVE-2016-3498 page https://www.suse.com/security/cve/CVE-2016-3500/ SUSE CVE CVE-2016-3500 page https://www.suse.com/security/cve/CVE-2016-3503/ SUSE CVE CVE-2016-3503 page https://www.suse.com/security/cve/CVE-2016-3508/ SUSE CVE CVE-2016-3508 page https://www.suse.com/security/cve/CVE-2016-3511/ SUSE CVE CVE-2016-3511 page https://www.suse.com/security/cve/CVE-2016-3550/ SUSE CVE CVE-2016-3550 page https://www.suse.com/security/cve/CVE-2016-3552/ SUSE CVE CVE-2016-3552 page https://www.suse.com/security/cve/CVE-2016-3587/ SUSE CVE CVE-2016-3587 page https://www.suse.com/security/cve/CVE-2016-3598/ SUSE CVE CVE-2016-3598 page https://www.suse.com/security/cve/CVE-2016-3606/ SUSE CVE CVE-2016-3606 page https://www.suse.com/security/cve/CVE-2016-3610/ SUSE CVE CVE-2016-3610 page https://www.suse.com/security/cve/CVE-2016-5542/ SUSE CVE CVE-2016-5542 page https://www.suse.com/security/cve/CVE-2016-5554/ SUSE CVE CVE-2016-5554 page https://www.suse.com/security/cve/CVE-2016-5556/ SUSE CVE CVE-2016-5556 page https://www.suse.com/security/cve/CVE-2016-5568/ SUSE CVE CVE-2016-5568 page https://www.suse.com/security/cve/CVE-2016-5573/ SUSE CVE CVE-2016-5573 page https://www.suse.com/security/cve/CVE-2016-5582/ SUSE CVE CVE-2016-5582 page https://www.suse.com/security/cve/CVE-2016-5597/ SUSE CVE CVE-2016-5597 page openSUSE Tumbleweed java-1_8_0-openjdk-1.8.0.111-1.1 java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 java-1_8_0-openjdk-demo-1.8.0.111-1.1 java-1_8_0-openjdk-devel-1.8.0.111-1.1 java-1_8_0-openjdk-headless-1.8.0.111-1.1 java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 java-1_8_0-openjdk-src-1.8.0.111-1.1 java-1_8_0-openjdk-1.8.0.111-1.1 as a component of openSUSE Tumbleweed java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 as a component of openSUSE Tumbleweed java-1_8_0-openjdk-demo-1.8.0.111-1.1 as a component of openSUSE Tumbleweed java-1_8_0-openjdk-devel-1.8.0.111-1.1 as a component of openSUSE Tumbleweed java-1_8_0-openjdk-headless-1.8.0.111-1.1 as a component of openSUSE Tumbleweed java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 as a component of openSUSE Tumbleweed java-1_8_0-openjdk-src-1.8.0.111-1.1 as a component of openSUSE Tumbleweed Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. CVE-2015-2590 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2590.html CVE-2015-2590 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install. CVE-2015-2597 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2597.html CVE-2015-2597 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2015-2601 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2601.html CVE-2015-2601 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2015-2613 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2613.html CVE-2015-2613 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/951727 SUSE Bug 951727 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-2619 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2619.html CVE-2015-2619 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX. CVE-2015-2621 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2621.html CVE-2015-2621 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE. CVE-2015-2625 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2625.html CVE-2015-2625 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation. CVE-2015-2627 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2627.html CVE-2015-2627 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. CVE-2015-2628 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2628.html CVE-2015-2628 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-2632 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2632.html CVE-2015-2632 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-2637 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2637.html CVE-2015-2637 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-2638 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2638.html CVE-2015-2638 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security. CVE-2015-2659 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2659.html CVE-2015-2659 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-2664 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2664.html CVE-2015-2664 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. CVE-2015-2808 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2808.html CVE-2015-2808 https://bugzilla.suse.com/925378 SUSE Bug 925378 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/952088 SUSE Bug 952088 The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. CVE-2015-4000 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 7.3 AV:N/AC:H/Au:N/C:C/I:C/A:P 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4000.html CVE-2015-4000 https://bugzilla.suse.com/1074631 SUSE Bug 1074631 https://bugzilla.suse.com/1211968 SUSE Bug 1211968 https://bugzilla.suse.com/931600 SUSE Bug 931600 https://bugzilla.suse.com/931698 SUSE Bug 931698 https://bugzilla.suse.com/931723 SUSE Bug 931723 https://bugzilla.suse.com/931845 SUSE Bug 931845 https://bugzilla.suse.com/932026 SUSE Bug 932026 https://bugzilla.suse.com/932483 SUSE Bug 932483 https://bugzilla.suse.com/934789 SUSE Bug 934789 https://bugzilla.suse.com/935033 SUSE Bug 935033 https://bugzilla.suse.com/935540 SUSE Bug 935540 https://bugzilla.suse.com/935979 SUSE Bug 935979 https://bugzilla.suse.com/937202 SUSE Bug 937202 https://bugzilla.suse.com/937766 SUSE Bug 937766 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938432 SUSE Bug 938432 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/938905 SUSE Bug 938905 https://bugzilla.suse.com/938906 SUSE Bug 938906 https://bugzilla.suse.com/938913 SUSE Bug 938913 https://bugzilla.suse.com/938945 SUSE Bug 938945 https://bugzilla.suse.com/943664 SUSE Bug 943664 https://bugzilla.suse.com/944729 SUSE Bug 944729 https://bugzilla.suse.com/945582 SUSE Bug 945582 https://bugzilla.suse.com/955589 SUSE Bug 955589 https://bugzilla.suse.com/980406 SUSE Bug 980406 https://bugzilla.suse.com/990592 SUSE Bug 990592 https://bugzilla.suse.com/994144 SUSE Bug 994144 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment. CVE-2015-4729 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 4 AV:N/AC:H/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4729.html CVE-2015-4729 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. CVE-2015-4731 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4731.html CVE-2015-4731 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590. CVE-2015-4732 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4732.html CVE-2015-4732 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. CVE-2015-4733 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4733.html CVE-2015-4733 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. CVE-2015-4734 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4734.html CVE-2015-4734 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-4736 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4736.html CVE-2015-4736 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. CVE-2015-4748 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4748.html CVE-2015-4748 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI. CVE-2015-4749 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4749.html CVE-2015-4749 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-4760 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4760.html CVE-2015-4760 https://bugzilla.suse.com/937828 SUSE Bug 937828 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938895 SUSE Bug 938895 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. CVE-2015-4803 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4803.html CVE-2015-4803 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. CVE-2015-4805 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4805.html CVE-2015-4805 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. CVE-2015-4806 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4806.html CVE-2015-4806 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-4810 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4810.html CVE-2015-4810 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881. CVE-2015-4835 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4835.html CVE-2015-4835 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2015-4840 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4840.html CVE-2015-4840 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP. CVE-2015-4842 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4842.html CVE-2015-4842 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. CVE-2015-4843 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4843.html CVE-2015-4843 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-4844 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4844.html CVE-2015-4844 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883. CVE-2015-4860 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4860.html CVE-2015-4860 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. CVE-2015-4868 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4868.html CVE-2015-4868 https://bugzilla.suse.com/951376 SUSE Bug 951376 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security. CVE-2015-4872 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4872.html CVE-2015-4872 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835. CVE-2015-4881 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4881.html CVE-2015-4881 https://bugzilla.suse.com/951376 SUSE Bug 951376 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA. CVE-2015-4882 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4882.html CVE-2015-4882 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860. CVE-2015-4883 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4883.html CVE-2015-4883 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911. CVE-2015-4893 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4893.html CVE-2015-4893 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2015-4901 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4901.html CVE-2015-4901 https://bugzilla.suse.com/951376 SUSE Bug 951376 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment. CVE-2015-4902 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4902.html CVE-2015-4902 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI. CVE-2015-4903 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4903.html CVE-2015-4903 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916. CVE-2015-4906 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4906.html CVE-2015-4906 https://bugzilla.suse.com/951376 SUSE Bug 951376 Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916. CVE-2015-4908 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4908.html CVE-2015-4908 https://bugzilla.suse.com/951376 SUSE Bug 951376 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893. CVE-2015-4911 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4911.html CVE-2015-4911 https://bugzilla.suse.com/951376 SUSE Bug 951376 https://bugzilla.suse.com/955131 SUSE Bug 955131 Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908. CVE-2015-4916 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4916.html CVE-2015-4916 https://bugzilla.suse.com/951376 SUSE Bug 951376 Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. CVE-2015-7575 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7575.html CVE-2015-7575 https://bugzilla.suse.com/959888 SUSE Bug 959888 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/960996 SUSE Bug 960996 https://bugzilla.suse.com/961280 SUSE Bug 961280 https://bugzilla.suse.com/961281 SUSE Bug 961281 https://bugzilla.suse.com/961282 SUSE Bug 961282 https://bugzilla.suse.com/961283 SUSE Bug 961283 https://bugzilla.suse.com/961284 SUSE Bug 961284 https://bugzilla.suse.com/961290 SUSE Bug 961290 https://bugzilla.suse.com/961357 SUSE Bug 961357 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 https://bugzilla.suse.com/967521 SUSE Bug 967521 https://bugzilla.suse.com/981087 SUSE Bug 981087 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. CVE-2015-8126 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:L/AC:L/Au:S/C:P/I:P/A:P 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8126.html CVE-2015-8126 https://bugzilla.suse.com/954980 SUSE Bug 954980 https://bugzilla.suse.com/958198 SUSE Bug 958198 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 https://bugzilla.suse.com/969333 SUSE Bug 969333 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking. CVE-2016-0402 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 5 AV:N/AC:L/Au:N/C:N/I:P/A:N 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0402.html CVE-2016-0402 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX. CVE-2016-0448 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 4 AV:N/AC:L/Au:S/C:P/I:N/A:N 4 AV:N/AC:L/Au:S/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0448.html CVE-2016-0448 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP. CVE-2016-0466 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0466.html CVE-2016-0466 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. CVE-2016-0475 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0475.html CVE-2016-0475 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data. CVE-2016-0483 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0483.html CVE-2016-0483 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2016-0494 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0494.html CVE-2016-0494 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component. CVE-2016-0636 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0636.html CVE-2016-0636 https://bugzilla.suse.com/972468 SUSE Bug 972468 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. CVE-2016-0686 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0686.html CVE-2016-0686 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component. CVE-2016-0687 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0687.html CVE-2016-0687 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. CVE-2016-0695 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0695.html CVE-2016-0695 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. CVE-2016-3425 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3425.html CVE-2016-3425 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2016-3426 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3426.html CVE-2016-3426 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. CVE-2016-3427 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3427.html CVE-2016-3427 https://bugzilla.suse.com/1011805 SUSE Bug 1011805 https://bugzilla.suse.com/976340 SUSE Bug 976340 https://bugzilla.suse.com/979252 SUSE Bug 979252 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. CVE-2016-3458 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3458.html CVE-2016-3458 https://bugzilla.suse.com/989732 SUSE Bug 989732 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking. CVE-2016-3485 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 low 1.2 AV:L/AC:H/Au:N/C:N/I:P/A:N 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3485.html CVE-2016-3485 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 https://bugzilla.suse.com/989734 SUSE Bug 989734 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX. CVE-2016-3498 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3498.html CVE-2016-3498 https://bugzilla.suse.com/989729 SUSE Bug 989729 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508. CVE-2016-3500 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3500.html CVE-2016-3500 https://bugzilla.suse.com/989730 SUSE Bug 989730 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install. CVE-2016-3503 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3503.html CVE-2016-3503 https://bugzilla.suse.com/989728 SUSE Bug 989728 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. CVE-2016-3508 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3508.html CVE-2016-3508 https://bugzilla.suse.com/989731 SUSE Bug 989731 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment. CVE-2016-3511 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3511.html CVE-2016-3511 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 https://bugzilla.suse.com/989727 SUSE Bug 989727 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot. CVE-2016-3550 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3550.html CVE-2016-3550 https://bugzilla.suse.com/989733 SUSE Bug 989733 Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install. CVE-2016-3552 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3552.html CVE-2016-3552 https://bugzilla.suse.com/989726 SUSE Bug 989726 Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. CVE-2016-3587 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3587.html CVE-2016-3587 https://bugzilla.suse.com/989721 SUSE Bug 989721 https://bugzilla.suse.com/998845 SUSE Bug 998845 Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. CVE-2016-3598 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3598.html CVE-2016-3598 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 https://bugzilla.suse.com/989723 SUSE Bug 989723 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. CVE-2016-3606 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3606.html CVE-2016-3606 https://bugzilla.suse.com/989722 SUSE Bug 989722 Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598. CVE-2016-3610 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3610.html CVE-2016-3610 https://bugzilla.suse.com/989725 SUSE Bug 989725 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries. CVE-2016-5542 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 low 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5542.html CVE-2016-5542 https://bugzilla.suse.com/1005522 SUSE Bug 1005522 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX. CVE-2016-5554 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5554.html CVE-2016-5554 https://bugzilla.suse.com/1005523 SUSE Bug 1005523 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. CVE-2016-5556 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5556.html CVE-2016-5556 https://bugzilla.suse.com/1005524 SUSE Bug 1005524 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2016-5568 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5568.html CVE-2016-5568 https://bugzilla.suse.com/1005525 SUSE Bug 1005525 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582. CVE-2016-5573 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 important 7.1 AV:N/AC:H/Au:S/C:C/I:C/A:C 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5573.html CVE-2016-5573 https://bugzilla.suse.com/1005526 SUSE Bug 1005526 https://bugzilla.suse.com/1009280 SUSE Bug 1009280 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573. CVE-2016-5582 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5582.html CVE-2016-5582 https://bugzilla.suse.com/1005527 SUSE Bug 1005527 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking. CVE-2016-5597 openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.111-1.1 openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.111-1.1 moderate 5.4 AV:N/AC:H/Au:N/C:C/I:N/A:N 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5597.html CVE-2016-5597 https://bugzilla.suse.com/1005528 SUSE Bug 1005528 https://bugzilla.suse.com/1009280 SUSE Bug 1009280