RHSA-2019:2590-01 -- Redhat java-1.8.0-ibmID: oval:org.secpod.oval:def:505924 | Date: (C)2021-03-04 (M)2024-04-17 |
Class: PATCH | Family: unix |
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix: * IBM JDK: Out-of-bounds access in the String.getBytes method * IBM JDK: Failure to privatize a value pulled out of the loop by versioning * OpenJDK: Insufficient checks of suppressed exceptions in deserialization * OpenJDK: Unbounded memory allocation during deserialization in Collections * OpenJDK: Missing URL format validation * OpenJDK: Insufficient restriction of privileges in AccessController * libpng: use-after-free in png_image_free in png.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 8 |