RHSA-2019:4110-01 -- Redhat java-1.7.1-ibm, javaID: oval:org.secpod.oval:def:505599 | Date: (C)2020-12-31 (M)2022-11-07 |
Class: PATCH | Family: unix |
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Security Fix: * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection * OpenJDK: Missing restrictions on use of custom SocketImpl * OpenJDK: NULL pointer dereference in DrawGlyphList * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression * OpenJDK: Unexpected exception thrown during Font object deserialization * OpenJDK: Integer overflow in bounds check in SunGraphics2D * OpenJDK: Excessive memory allocation in CMap when reading TrueType font * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |