Download
| Alert*
|
oval:org.secpod.oval:def:116516
The OpenJDK runtime environment. oval:org.secpod.oval:def:118166 The OpenJDK runtime environment. oval:org.secpod.oval:def:115285 java-11-openjdk is installed oval:org.secpod.oval:def:116599 The OpenJDK runtime environment. oval:org.secpod.oval:def:116595 The OpenJDK runtime environment. oval:org.secpod.oval:def:122114 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:117749 The OpenJDK runtime environment. oval:org.secpod.oval:def:119409 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:66546 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Application data accepted before TLS ... oval:org.secpod.oval:def:66457 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn * OpenJDK ... oval:org.secpod.oval:def:503361 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn * OpenJDK ... oval:org.secpod.oval:def:503485 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS * OpenJDK: Serialization filter changes via jdk.serialFilter property modification * OpenJDK: Impr ... oval:org.secpod.oval:def:503363 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn * OpenJDK ... oval:org.secpod.oval:def:89003034 This update for java-11-openjdk fixes the following issues: Security issues fixed : - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for pattern ... oval:org.secpod.oval:def:503490 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS * OpenJDK: Serialization filter changes via jdk.serialFilter property modification * OpenJDK: Impr ... oval:org.secpod.oval:def:89047224 This update for java-11-openjdk fixes the following issues: java-11-openjdk was upgraded to include January 2021 CPU - Enable Sheandoah GC for x86_64 oval:org.secpod.oval:def:125411 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:125407 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:125698 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:115284 The OpenJDK runtime environment. oval:org.secpod.oval:def:115307 The OpenJDK runtime environment. oval:org.secpod.oval:def:115897 The OpenJDK runtime environment. oval:org.secpod.oval:def:115906 The OpenJDK runtime environment. oval:org.secpod.oval:def:89050880 This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues: Security issues fixed : - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: B ... oval:org.secpod.oval:def:205376 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn * OpenJDK ... oval:org.secpod.oval:def:89000568 This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10 . Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service . - CVE-2020-2755: Fixed an incorrect handling of regular expressio ... oval:org.secpod.oval:def:502619 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: memory disclosure in FileChannelImpl For more details about the security issue, including the impact, a CVSS score, and other related information, ... oval:org.secpod.oval:def:205123 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper field access checks * OpenJDK: Unrestricted access to scripting engine * OpenJDK: Incomplete enforcement of the trustURLCodebase restri ... oval:org.secpod.oval:def:1502489 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205191 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Slow conversion of BigDecimal to long * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling For more details abo ... oval:org.secpod.oval:def:502643 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Slow conversion of BigDecimal to long * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling For more details abo ... oval:org.secpod.oval:def:502536 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper field access checks * OpenJDK: Unrestricted access to scripting engine * OpenJDK: Incomplete enforcement of the trustURLCodebase restri ... oval:org.secpod.oval:def:66441 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Slow conversion of BigDecimal to long * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling For more details abo ... oval:org.secpod.oval:def:205166 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: memory disclosure in FileChannelImpl For more details about the security issue, including the impact, a CVSS score, and other related information, ... oval:org.secpod.oval:def:1502451 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1507115 [1:11.0.21.0.9-2.0.1] - Update to jdk-11.0.21+9 - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication - OpenJDK: Additional zip64 files validation - OpenJDK: Print an exception when encountering null addresses while producing thread dumps oval:org.secpod.oval:def:1507119 [1:11.0.21.0.9-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] - Update to jdk-11.0.21+9 - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication - OpenJDK: Additional zip64 files validation - OpenJDK: Print an exception when encounteri ... oval:org.secpod.oval:def:1701996 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability allows unauthenticated attacker wit ... oval:org.secpod.oval:def:89051011 This update for java-11-openjdk fixes the following issues: * Upgraded to JDK 11.0.21+9 : * CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS . Please visit the Oracle Release Notes page for the full changelog: https://www.oracle.com/java/technologies/javase/1 ... oval:org.secpod.oval:def:89050989 This update for java-11-openjdk fixes the following issues: * Upgraded to JDK 11.0.21+9 : * CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS . Please visit the Oracle Release Notes page for the full changelog: https://www.oracle.com/java/technologies/javase/1 ... oval:org.secpod.oval:def:89049261 This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 : * CVE-2023-22006: Fixed vulnerability in the network component . * CVE-2023-22036: Fixed vulnerability in the utility component . * CVE-2023-22041: Fixed vulnerability in the hotspot component . * CVE-2023-22044: ... oval:org.secpod.oval:def:89048851 This update for java-11-openjdk fixes the following issues: Upgrade to upsteam tag jdk-11.0.19+7 : * CVE-2023-21930: Fixed AES support . * CVE-2023-21937: Fixed String platform support . * CVE-2023-21938: Fixed runtime support . * CVE-2023-21939: Fixed Swing platform support . * CVE-2023-21954: Fixe ... oval:org.secpod.oval:def:89049148 This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 : * CVE-2023-22006: Fixed vulnerability in the network component . * CVE-2023-22036: Fixed vulnerability in the utility component . * CVE-2023-22041: Fixed vulnerability in the hotspot component . * CVE-2023-22044: ... oval:org.secpod.oval:def:5800164 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper connection handling during TLS handshake * OpenJDK: Swing HTML parsing issue * OpenJDK: incorrect enqueue of references in garbage coll ... oval:org.secpod.oval:def:206023 Security Fix: OpenJDK: improper connection handling during TLS handshake OpenJDK: Swing HTML parsing issue OpenJDK: incorrect enqueue of references in garbage collector OpenJDK: certificate validation issue in TLS session negotiation OpenJDK: missing string checks for NULL characters OpenJ ... oval:org.secpod.oval:def:89048801 This update for java-11-openjdk fixes the following issues: Upgrade to upsteam tag jdk-11.0.19+7 : * CVE-2023-21930: Fixed AES support . * CVE-2023-21937: Fixed String platform support . * CVE-2023-21938: Fixed runtime support . * CVE-2023-21939: Fixed Swing platform support . * CVE-2023-21954: Fixe ... oval:org.secpod.oval:def:1506522 [1:11.0.19.0.7-1] - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to generate_tarba ... oval:org.secpod.oval:def:1506524 [11.0.19.0.7-1.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.19.0.7-1] - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to ... oval:org.secpod.oval:def:1506526 [1:11.0.19.0.7-1.0.1] - link atomic for ix86 build [1:11.0.19.0.7-1] - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 amp; JDK-8305113 - Update generate_tarball.sh to add support for passing a boot JDK to the configure run ... oval:org.secpod.oval:def:2500925 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:4500030 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Reference ... oval:org.secpod.oval:def:120532 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:1506386 [1:11.0.18.0.10-1] - Update to jdk-11.0.18+10 - Update release notes to 11.0.18+10 - Switch to GA mode for release - ** This tarball is embargoed until 2023-01-17 @ 1pm PT. ** - Related: rhbz#2150192 [1:11.0.18.0.9-0.2.ea] - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local c ... oval:org.secpod.oval:def:89048579 This update for java-11-openjdk fixes the following issues: * CVE-2023-21843: Fixed soundbank URL remote loading . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . Bugfixes: * Remove broken accessibility sub-package . oval:org.secpod.oval:def:89047245 This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.12+7 - CVE-2021-2369: Fixed JAR file handling problem containing multiple MANIFEST.MF files. - CVE-2021-2388: Fixed a flaw inside the Hotspot component performed range check elimination. - CVE-2021-2341: Fixed a flaw ... oval:org.secpod.oval:def:2500411 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:2500517 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:506026 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms For more details about the security issue, including the impact, a CVSS score, acknowled ... oval:org.secpod.oval:def:506025 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms For more details about the security issue, including the impact, a CVSS score, acknowled ... oval:org.secpod.oval:def:205933 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:89044244 This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 * CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms * CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder - moved mozilla-nss depende ... oval:org.secpod.oval:def:89047230 This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 * CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms * CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder - moved mozilla-nss depende ... oval:org.secpod.oval:def:89050432 This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.9-11 * New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector * Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling + JDK-8236862, CVE-2020-14779: En ... oval:org.secpod.oval:def:507489 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:121688 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:124957 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:124956 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:2500511 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:3301240 SUSE Security Update: Security update for java-11-openjdk oval:org.secpod.oval:def:5800038 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:2600048 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:120517 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:118856 The OpenJDK runtime environment. oval:org.secpod.oval:def:118850 The OpenJDK runtime environment. oval:org.secpod.oval:def:3301193 SUSE Security Update: Security update for java-11-openjdk oval:org.secpod.oval:def:1505884 [1:11.0.16.0.8-1.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.16.0.8-1] - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, ... oval:org.secpod.oval:def:205911 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:1503069 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205598 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access * OpenJDK: Incomplete bounds checks in Affine Transformations * OpenJDK: Incorrect ... oval:org.secpod.oval:def:205879 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect comparison during range check elimination * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host * Open ... oval:org.secpod.oval:def:66558 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access * OpenJDK: Incomplete bounds checks in Affine Transformations * OpenJDK: Incorrect ... oval:org.secpod.oval:def:118529 The OpenJDK runtime environment. oval:org.secpod.oval:def:1503072 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:4501200 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:5800064 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:4500063 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References ... oval:org.secpod.oval:def:2600067 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:71452 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms For more details about the security issue, including the impact, a CVSS score, acknowled ... oval:org.secpod.oval:def:89045777 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:89046068 This update for java-11-openjdk fixes the following issues: - CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT Transfor ... oval:org.secpod.oval:def:1506359 [1:11.0.18.0.10-1] - Update to jdk-11.0.18+10 - Update release notes to 11.0.18+10 - Switch to GA mode for release - ** This tarball is embargoed until 2023-01-17 @ 1pm PT. ** - Related: rhbz#2157797 [1:11.0.18.0.9-0.2.ea] - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local c ... oval:org.secpod.oval:def:89047182 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:119757 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:1506360 [11.0.18.0.10-2.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.18.0.10-2] - Update to jdk-11.0.18+10 - Update release notes to 11.0.18+10 - Switch to GA mode for release - ** This tarball is embargoed until 2023-01-17 @ 1pm PT. ** - Related: rhbz#2157798 [1:11.0.18.0.9-0.2.ea] - Upda ... oval:org.secpod.oval:def:4500099 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Reference ... oval:org.secpod.oval:def:1505034 [1:11.0.12.0.7-0.0.1] - link atomic for ix86 build [1:11.0.12.0.7-0] - Update to jdk-11.0.12.0+7 - Update release notes to 11.0.12.0+7 - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz#1972395 [1:11.0.12.0.6-0.0.ea] - Update to jdk-11.0.12 ... oval:org.secpod.oval:def:1505032 [1:11.0.12.0.7-0] - Update to jdk-11.0.12.0+7 - Update release notes to 11.0.12.0+7 - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz#1972395 [1:11.0.12.0.6-0.0.ea] - Update to jdk-11.0.12.0+6 - Update release notes to 11.0.12.0+6 - Switch ... oval:org.secpod.oval:def:1505433 [1:11.0.14.0.9-1.0.1] - link atomic for ix86 build [1:11.0.14.0.9-1] - Update to jdk-11.0.14.0+9 - Update release notes to 11.0.14.0+9 - Switch to GA mode for final release. - This tarball is embargoed until 2022-01-18 @ 1pm PT. - Resolves: rhbz#2039366 [1:11.0.14.0.8-0.1.ea] - Update to jdk-11.0.14 ... oval:org.secpod.oval:def:4500007 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References ... oval:org.secpod.oval:def:2500314 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:89047620 This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports oval:org.secpod.oval:def:2600125 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:118530 The OpenJDK runtime environment. oval:org.secpod.oval:def:89047616 This update for java-11-openjdk fixes the following issues: - CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT Transfor ... oval:org.secpod.oval:def:2500821 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:1505848 [1:11.0.16.0.8-1.0.1] - link atomic for ix86 build [1:11.0.16.0.8-1] - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8284920 patch now upstreamed - Print release file during build, which should now in ... oval:org.secpod.oval:def:1505849 [1:11.0.16.0.8-1] - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update ... oval:org.secpod.oval:def:1505576 [1:11.0.15.0.9-2.0.1] - link atomic for ix86 build [1:11.0.15.0.9-2] - Add JDK-8284920 fix for XPath regression - Related: rhbz#2073422 [1:11.0.15.0.9-2] - Remove security items from release notes that were only in 17u and N/A for 11u - Related: rhbz#2073422 [1:11.0.15.0.9-1] - Update to jdk-11.0.15 ... oval:org.secpod.oval:def:89047404 This update for java-11-openjdk fixes the following issues: - CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols . - CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multipl ... oval:org.secpod.oval:def:1505591 [1:11.0.15.0.9-2] - Add JDK-8284920 fix for XPath regression - Related: rhbz#2073422 [1:11.0.15.0.9-2] - Remove security items from release notes that were only in 17u and N/A for 11u - Related: rhbz#2073422 [1:11.0.15.0.9-1] - Update to jdk-11.0.15.0+9 - Update release notes to 11.0.15.0+9 - Switch ... oval:org.secpod.oval:def:2500618 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:1505883 [1:11.0.15.0.10-1] - Update to jdk-11.0.15.0+10 - Update release notes to 11.0.15.0+10 - Switch to GA mode for release - Rebase RH1996182 FIPS patch after JDK-8254410 - Resolves: rhbz#2073594 oval:org.secpod.oval:def:506964 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impro ... oval:org.secpod.oval:def:4500901 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impro ... oval:org.secpod.oval:def:3301225 SUSE Security Update: Security update for java-11-openjdk oval:org.secpod.oval:def:205239 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Side-channel attack risks in Elliptic Curve cryptography * OpenJDK: Insufficient checks of suppressed exceptions in deserialization * OpenJDK: ... oval:org.secpod.oval:def:503187 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Side-channel attack risks in Elliptic Curve cryptography * OpenJDK: Insufficient checks of suppressed exceptions in deserialization * OpenJDK: ... oval:org.secpod.oval:def:503190 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Side-channel attack risks in Elliptic Curve cryptography * OpenJDK: Insufficient checks of suppressed exceptions in deserialization * OpenJDK: ... oval:org.secpod.oval:def:1502574 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66450 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Side-channel attack risks in Elliptic Curve cryptography * OpenJDK: Insufficient checks of suppressed exceptions in deserialization * OpenJDK: ... oval:org.secpod.oval:def:509057 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: OpenJDK: array out-of-bounds access due to missing range check in C1 compiler OpenJDK: RSA padding issue and timing side-channel attack against TLS OpenJDK ... oval:org.secpod.oval:def:89051402 This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 : * CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check . * CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier . * CVE-2024-20921: Fixed an inc ... oval:org.secpod.oval:def:89051443 This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 : * CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check . * CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier . * CVE-2024-20921: Fixed an inc ... oval:org.secpod.oval:def:1702083 A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even though the option "--no-java" was set. With carefully crafted custom bytecodes, arbitrary unverified bytecodes could be executed. Loop optimizations are not correct when induction variable overflow ... |
