Bugzilla – Bug 1201643
VUL-0: java-1_8_0-ibm, java-1_7_1-ibm, java-1_7_0-ibm: IBM Security Update April 2022
Last modified: 2022-08-03 16:24:22 UTC
IBM Security Update April 2022: * https://www.ibm.com/support/pages/java-sdk-security-vulnerabilities CVE-2022-21476 CVE-2022-21449 CVE-2022-21496 CVE-2022-21434 CVE-2022-21426 CVE-2022-21443 New available versions: * java-1_8_0-ibm: 8.0.7.10 * java-1_7_1-ibm: 7.1.5.10 * java-1_7_0-ibm: 7.0.11.10
I'm adding IBM in CC.
Hi Pedro, We were already tracking them with the following issues since April. CVE-2022-21476 -> bsc#1198671 CVE-2022-21449 -> bsc#1198670 CVE-2022-21496 -> bsc#1198673 CVE-2022-21434 -> bsc#1198674 CVE-2022-21426 -> bsc#1198672 CVE-2022-21443 -> bsc#1198675 Probably nobody tagged you in them or asked to submit patches, that's our fault. Thanks to proactively submitted yourself. I close this issue as duplicated. *** This bug has been marked as a duplicate of bug 1198670 ***
SUSE-SU-2022:2539-1: An update that solves 8 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1191912,1194931,1198670,1198671,1198672,1198673,1198674,1198675,1201643 CVE References: CVE-2021-35561,CVE-2022-21299,CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE OpenStack Cloud 9 (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE Linux Enterprise Server 12-SP5 (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): java-1_7_1-ibm-1.7.1_sr5.10-38.71.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2540-1: An update that solves 8 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1191912,1194931,1198670,1198671,1198672,1198673,1198674,1198675,1201643 CVE References: CVE-2021-35561,CVE-2022-21299,CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE OpenStack Cloud 9 (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE Linux Enterprise Server 12-SP5 (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): java-1_8_0-ibm-1.8.0_sr7.10-30.90.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2650-1: An update that solves 8 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1191912,1194931,1198670,1198671,1198672,1198673,1198674,1198675,1201643 CVE References: CVE-2021-35561,CVE-2022-21299,CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496 JIRA References: Sources used: openSUSE Leap 15.4 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 openSUSE Leap 15.3 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Manager Server 4.1 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Manager Retail Branch Server 4.1 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Manager Proxy 4.1 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server for SAP 15 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Server 15-LTSS (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Enterprise Storage 7 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE Enterprise Storage 6 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 SUSE CaaS Platform 4.0 (src): java-1_8_0-ibm-1.8.0_sr7.10-150000.3.59.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.