Download
| Alert*
oval:org.secpod.oval:def:89275
The host is installed with Oracle Java SE through 8u361, 11.0.18, 17.0.6 or 20 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Swing. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:1701380 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:206032 Security Fix: OpenJDK: improper connection handling during TLS handshake OpenJDK: Swing HTML parsing issue OpenJDK: incorrect enqueue of references in garbage collector OpenJDK: certificate validation issue in TLS session negotiation OpenJDK: missing string checks for NULL characters OpenJ ... oval:org.secpod.oval:def:19500101 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:97735 [CLSA-2023:1688679628] java-1.8.0-openjdk: Fix of 7 CVEs oval:org.secpod.oval:def:19500066 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:507622 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage col ... oval:org.secpod.oval:def:507621 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage col ... oval:org.secpod.oval:def:507620 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:507625 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:507624 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:89048858 This update for java-1_8_0-openjdk fixes the following issues: * Updated to version jdk8u372 : * CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization . * CVE-2023-21937: Fixed an issue in the Networking component that could a ... oval:org.secpod.oval:def:507623 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:1701308 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:89048811 This update for java-17-openjdk fixes the following issues: Update to upstrem tag jdk-17.0.7+7 Security fixes: * CVE-2023-21930: Fixed AES support . * CVE-2023-21937: Fixed String platform support . * CVE-2023-21938: Fixed runtime support . * CVE-2023-21939: Fixed Swing platform support . * CVE-202 ... oval:org.secpod.oval:def:95162 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions. oval:org.secpod.oval:def:89048851 This update for java-11-openjdk fixes the following issues: Upgrade to upsteam tag jdk-11.0.19+7 : * CVE-2023-21930: Fixed AES support . * CVE-2023-21937: Fixed String platform support . * CVE-2023-21938: Fixed runtime support . * CVE-2023-21939: Fixed Swing platform support . * CVE-2023-21954: Fixe ... oval:org.secpod.oval:def:89267 The host is installed with Oracle Java SE through 8u361, 11.0.18, 17.0.6 or 20 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Swing. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:89188 The host is installed with Oracle Java SE through 8u361, 11.0.18, 17.0.6 or 20 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Swing. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:91407 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:507871 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP5. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: certificat ... oval:org.secpod.oval:def:206023 Security Fix: OpenJDK: improper connection handling during TLS handshake OpenJDK: Swing HTML parsing issue OpenJDK: incorrect enqueue of references in garbage collector OpenJDK: certificate validation issue in TLS session negotiation OpenJDK: missing string checks for NULL characters OpenJ ... oval:org.secpod.oval:def:2600186 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:91483 openjdk-17: Open Source Java implementation - openjdk-20: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:2600187 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:89048801 This update for java-11-openjdk fixes the following issues: Upgrade to upsteam tag jdk-11.0.19+7 : * CVE-2023-21930: Fixed AES support . * CVE-2023-21937: Fixed String platform support . * CVE-2023-21938: Fixed runtime support . * CVE-2023-21939: Fixed Swing platform support . * CVE-2023-21954: Fixe ... oval:org.secpod.oval:def:1701297 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:5800166 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage col ... oval:org.secpod.oval:def:708149 openjdk-17: Open Source Java implementation - openjdk-20: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:19500122 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:1601753 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:5800164 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:2600193 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:5800163 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:2501045 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:1506522 [1:11.0.19.0.7-1] - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to generate_tarba ... oval:org.secpod.oval:def:2501048 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:1506523 [17.0.7.0.7-1.0.1] - Replace upstream references [Orabug: 34340155] [1:17.0.7.0.7-1] - Update to jdk-17.0.7.0+7 - Update release notes to 17.0.7.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the ... oval:org.secpod.oval:def:89048953 This update for java-1_8_0-ibm fixes the following issues: * CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS . * CVE-2023-21937: Fixed vulnerability inside the networking component . * CVE-2023-21938: Fixed vulnerability inside the library componen ... oval:org.secpod.oval:def:610704 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions. oval:org.secpod.oval:def:1701282 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:1506524 [11.0.19.0.7-1.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.19.0.7-1] - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to ... oval:org.secpod.oval:def:1701288 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows ... oval:org.secpod.oval:def:1506525 [1:17.0.7.0.7-1] - Update to jdk-17.0.7.0+7 - Update release notes to 17.0.7.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to generate_tarball. ... oval:org.secpod.oval:def:1506526 [1:11.0.19.0.7-1.0.1] - link atomic for ix86 build [1:11.0.19.0.7-1] - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run ... oval:org.secpod.oval:def:2501044 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:508186 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP5. Security Fix: OpenJDK: improper connection handling during TLS handshake OpenJDK: Swing HTML parsing issue OpenJDK: certificate vali ... oval:org.secpod.oval:def:93366 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service. oval:org.secpod.oval:def:4501407 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:1506531 [1:1.8.0.372.b07-1] - Update to shenandoah-jdk8u372-b07 - Update release notes for shenandoah-8u372-b07. - Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to ge ... oval:org.secpod.oval:def:1506532 [1:1.8.0.372.b07-1] - Update to shenandoah-jdk8u372-b07 - Update release notes for shenandoah-8u372-b07. - Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to ge ... oval:org.secpod.oval:def:507613 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:612614 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service. oval:org.secpod.oval:def:89048867 This update for java-1_8_0-openjdk fixes the following issues: * Updated to version jdk8u372 : * CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization . * CVE-2023-21937: Fixed an issue in the Networking component that could a ... oval:org.secpod.oval:def:89048944 This update for java-1_8_0-ibm fixes the following issues: * CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS . * CVE-2023-21937: Fixed vulnerability inside the networking component . * CVE-2023-21938: Fixed vulnerability inside the library componen ... oval:org.secpod.oval:def:507619 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage col ... oval:org.secpod.oval:def:1506530 [1.8.0.372.b07-1.0.1] - Replace upstream references [Orabug: 34340145] [1:1.8.0.372.b07-1] - Update to shenandoah-jdk8u372-b07 - Update release notes for shenandoah-8u372-b07. - Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07 - Reintroduce jconsole-plugin.patch from RHEL 9 - Updat ... oval:org.secpod.oval:def:3302292 Security update for java-1_8_0-openj9 oval:org.secpod.oval:def:89196 The host is installed with Oracle Java SE through 8u361, 11.0.18, 17.0.6 or 20, or Azul Zulu 6 before 6.55.0.12, 7 before 7.61.0.18, 8 before 8.69.0.16, 11 before 11.63.16, or 17 before 17.41.14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle ... |