Download
| Alert*
oval:org.secpod.oval:def:82612
It was discovered that OpenJDK incorrectly computed exponentials. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17. oval:org.secpod.oval:def:82296 The host is installed with Oracle Java SE through 17.0.3.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:82291 The host is installed with Oracle Java SE through 17.0.3.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:82250 The host is installed with Oracle Java SE through 17.0.3.1, or Azul Zulu 17 before 17.35 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:86446 It was discovered that OpenJDK incorrectly computed exponentials. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17. oval:org.secpod.oval:def:82246 The host is installed with Oracle Java SE through 17.0.3.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:3300889 SUSE Security Update: Security update for java-17-openjdk oval:org.secpod.oval:def:3301338 SUSE Security Update: Security update for java-1_8_0-ibm oval:org.secpod.oval:def:88382 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox. oval:org.secpod.oval:def:3301339 SUSE Security Update: Security update for java-1_8_0-ibm oval:org.secpod.oval:def:89046909 This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead to ... oval:org.secpod.oval:def:2600075 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:89046928 This update for java-1_8_0-ibm fixes the following issues: - Updated to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ... oval:org.secpod.oval:def:1700951 Generated code produced by C1 may leak a package-private class to a class from a different package. MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. computeNextExponential sometimes returns negative numbers contrary to the documentation. The Xalan Java XSLT ... oval:org.secpod.oval:def:1505852 [1:17.0.4.0.8-0.2.ea] - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode - Resolves: rhbz#2109106 [1:17.0.4.0.8-0.2.ea] - Revert the following changes until copy-java-configs has adapted to relative s ... oval:org.secpod.oval:def:123647 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:124063 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:507097 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-17-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ... oval:org.secpod.oval:def:608768 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox. oval:org.secpod.oval:def:4501115 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-17-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ... oval:org.secpod.oval:def:507076 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-17-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ... oval:org.secpod.oval:def:89046914 This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ... oval:org.secpod.oval:def:89047707 This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.4+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports - CVE-2022-21549: java.util.random does not correctly sample exp ... oval:org.secpod.oval:def:89047935 This update for java-1_8_0-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition . - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can compromise Orac ... oval:org.secpod.oval:def:89046961 This update for java-1_8_0-ibm fixes the following issues: Note: the issues listed below were NOT fixed with the previous update . - Update to Java 8.0 Service Refresh 7 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing mal ... oval:org.secpod.oval:def:1505869 [1:17.0.4.0.8-0.2.ea] - Revert the following changes until copy-java-configs has adapted to relative symlinks: - * Move cacerts replacement to install section and retain original of this and tzdb.dat - * Run tests on the installed image, rather than the build image - * Introduce variables to refer t ... |