SUSE-SU-2024:0847-1 -- SLES java-1_8_0-openjdkID: oval:org.secpod.oval:def:89051644 | Date: (C)2024-04-26 (M)2024-04-29 |
Class: PATCH | Family: unix |
This update for java-1_8_0-openjdk fixes the following issues: * CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS . * CVE-2024-20921: Fixed range check loop optimization issue . * CVE-2024-20926: Fixed rbitrary Java code execution in Nashorn . * CVE-2024-20919: Fixed JVM class file verifier flaw allows unverified byte code execution . * CVE-2024-20918: Fixed array out-of-bounds access due to missing range check in C1 compiler . * CVE-2024-20945: Fixed logging of digital signature private keys . Update to version jdk8u402 .
Platform: |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
Product: |
java-1_8_0-openjdk |