{"id":"SUSE-SU-2022:2540-1","summary":"Security update for java-1_8_0-ibm","details":"This update for java-1_8_0-ibm fixes the following issues:\n\nUpdate to Java 8.0 Service Refresh 7 Fix Pack 10 (bsc#1201643), including fixes for:\n\n- CVE-2022-21476 (bsc#1198671), CVE-2022-21449 (bsc#1198670),\n  CVE-2022-21496 (bsc#1198673), CVE-2022-21434 (bsc#1198674),\n  CVE-2022-21426 (bsc#1198672), CVE-2022-21443 (bsc#1198675),\n  CVE-2021-35561 (bsc#1191912), CVE-2022-21299 (bsc#1194931).\n","modified":"2026-02-04T03:48:55.215432Z","published":"2022-07-23T10:30:43Z","related":["CVE-2021-35561","CVE-2022-21299","CVE-2022-21426","CVE-2022-21434","CVE-2022-21443","CVE-2022-21449","CVE-2022-21476","CVE-2022-21496"],"upstream":["CVE-2021-35561","CVE-2022-21299","CVE-2022-21426","CVE-2022-21434","CVE-2022-21443","CVE-2022-21449","CVE-2022-21476","CVE-2022-21496"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20222540-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191912"},{"type":"REPORT","url":"https://bugzilla.suse.com/1194931"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198670"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198671"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198672"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198673"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198674"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198675"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201643"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-35561"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21299"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21426"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21434"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21443"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21449"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21476"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21496"}],"affected":[{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:OpenStack Cloud 9","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20OpenStack%20Cloud%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:OpenStack Cloud Crowbar 9","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Server 12 SP3-BCL","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Server 12 SP4-LTSS","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}},{"package":{"name":"java-1_8_0-ibm","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0_sr7.10-30.90.1"}]}],"ecosystem_specific":{"binaries":[{"java-1_8_0-ibm-alsa":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-plugin":"1.8.0_sr7.10-30.90.1","java-1_8_0-ibm-devel":"1.8.0_sr7.10-30.90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2540-1.json"}}],"schema_version":"1.7.3"}