[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:3300889
SUSE Security Update: Security update for java-17-openjdk

oval:org.secpod.oval:def:4501163
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:3301338
SUSE Security Update: Security update for java-1_8_0-ibm

oval:org.secpod.oval:def:88382
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

oval:org.secpod.oval:def:3301339
SUSE Security Update: Security update for java-1_8_0-ibm

oval:org.secpod.oval:def:89046909
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead to ...

oval:org.secpod.oval:def:89046879
This update for java-1_8_0-openjdk fixes the following issues: - Updated to version jdk8u345 - CVE-2022-21540: Fixed a potential Java sandbox bypass . - CVE-2022-21541: Fixed a potential Java sandbox bypass . - CVE-2022-34169: Fixed an issue where arbitrary bytecode could be executed via a maliciou ...

oval:org.secpod.oval:def:1700973
Generated code produced by C1 may leak a package-private class to a class from a different package. MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. The Xalan Java XSLT library has an integer truncation issue when processing malicious stylesheets. This can ...

oval:org.secpod.oval:def:1505850
[1:1.8.0.342.b07-1] - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use git apply with patch ...

oval:org.secpod.oval:def:1505851
[1:1.8.0.342.b07-1] - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use git apply with patch ...

oval:org.secpod.oval:def:89046834
This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports

oval:org.secpod.oval:def:1505852
[1:17.0.4.0.8-0.2.ea] - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode - Resolves: rhbz#2109106 [1:17.0.4.0.8-0.2.ea] - Revert the following changes until copy-java-configs has adapted to relative s ...

oval:org.secpod.oval:def:123647
The OpenJDK 17 runtime environment.

oval:org.secpod.oval:def:124056
The OpenJDK 8 runtime environment.

oval:org.secpod.oval:def:124055
The OpenJDK 11 runtime environment.

oval:org.secpod.oval:def:89046870
This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports

oval:org.secpod.oval:def:124058
The OpenJDK 18 runtime environment.

oval:org.secpod.oval:def:1505856
[1.8.0.342.b07-1.0.1] - Replace upstream references [Orabug: 34340145] [1:1.8.0.342.b07-1] - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script wit ...

oval:org.secpod.oval:def:124057
The OpenJDK 11 runtime environment.

oval:org.secpod.oval:def:85661
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

oval:org.secpod.oval:def:124063
The OpenJDK 17 runtime environment.

oval:org.secpod.oval:def:2600067
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

oval:org.secpod.oval:def:124061
The OpenJDK 8 runtime environment.

oval:org.secpod.oval:def:2600069
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

oval:org.secpod.oval:def:507079
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class ...

oval:org.secpod.oval:def:507077
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:4501115
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-17-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:507076
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-17-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:97665
[CLSA-2022:1659638796] Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-34169, CVE-2022-21540

oval:org.secpod.oval:def:89047707
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.4+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports - CVE-2022-21549: java.util.random does not correctly sample exp ...

oval:org.secpod.oval:def:1700962
Generated code produced by C1 may leak a package-private class to a class from a different package. MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. The Xalan Java XSLT library has an integer truncation issue when processing malicious stylesheets. This can ...

oval:org.secpod.oval:def:205972
Security Fix: OpenJDK: integer truncation issue in Xalan-J OpenJDK: class compilation issue OpenJDK: improper restriction of MethodHandle.invokeBasic For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ...

oval:org.secpod.oval:def:2500689
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

oval:org.secpod.oval:def:1505869
[1:17.0.4.0.8-0.2.ea] - Revert the following changes until copy-java-configs has adapted to relative symlinks: - * Move cacerts replacement to install section and retain original of this and tzdb.dat - * Run tests on the installed image, rather than the build image - * Introduce variables to refer t ...

oval:org.secpod.oval:def:2500763
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

oval:org.secpod.oval:def:124064
The OpenJDK 18 runtime environment.

oval:org.secpod.oval:def:507081
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class ...

oval:org.secpod.oval:def:507080
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:507086
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class ...

oval:org.secpod.oval:def:507084
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:2600075
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

oval:org.secpod.oval:def:1700947
Generated code produced by C1 may leak a package-private class to a class from a different package. MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. The Xalan Java XSLT library has an integer truncation issue when processing malicious stylesheets. This can ...

oval:org.secpod.oval:def:3300629
SUSE Security Update: Security update for java-1_8_0-openjdk

oval:org.secpod.oval:def:89046928
This update for java-1_8_0-ibm fixes the following issues: - Updated to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ...

oval:org.secpod.oval:def:1700951
Generated code produced by C1 may leak a package-private class to a class from a different package. MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. computeNextExponential sometimes returns negative numbers contrary to the documentation. The Xalan Java XSLT ...

oval:org.secpod.oval:def:205966
Security Fix: OpenJDK: integer truncation issue in Xalan-J OpenJDK: class compilation issue OpenJDK: improper restriction of MethodHandle.invokeBasic For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ...

oval:org.secpod.oval:def:89046897
This update for java-1_8_0-openjdk fixes the following issues: - Updated to version jdk8u345 - CVE-2022-21540: Fixed a potential Java sandbox bypass . - CVE-2022-21541: Fixed a potential Java sandbox bypass . - CVE-2022-34169: Fixed an issue where arbitrary bytecode could be executed via a maliciou ...

oval:org.secpod.oval:def:89047620
This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports

oval:org.secpod.oval:def:1701003
Generated code produced by C1 may leak a package-private class to a class from a different package. MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. The Xalan Java XSLT library has an integer truncation issue when processing malicious stylesheets. This can ...

oval:org.secpod.oval:def:82290
The host is installed with Oracle Java SE through 7u343, 8u333, 11.0.15.1, 17.0.3.1 or 18.0.1.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Hotspot. Successful exploitation allows attackers to affect integrity.

oval:org.secpod.oval:def:82295
The host is installed with Oracle Java SE through 7u343, 8u333, 11.0.15.1, 17.0.3.1 or 18.0.1.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Hotspot. Successful exploitation allows attackers to affect integrity.

oval:org.secpod.oval:def:507097
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-17-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class com ...

oval:org.secpod.oval:def:608768
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

oval:org.secpod.oval:def:89046914
This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ...

oval:org.secpod.oval:def:89047935
This update for java-1_8_0-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition . - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can compromise Orac ...

oval:org.secpod.oval:def:3301193
SUSE Security Update: Security update for java-11-openjdk

oval:org.secpod.oval:def:1505884
[1:11.0.16.0.8-1.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.16.0.8-1] - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, ...

oval:org.secpod.oval:def:4501007
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk . Security Fix: * OpenJDK: integer truncation issue in Xalan-J * OpenJDK: class ...

oval:org.secpod.oval:def:608764
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

oval:org.secpod.oval:def:89046961
This update for java-1_8_0-ibm fixes the following issues: Note: the issues listed below were NOT fixed with the previous update . - Update to Java 8.0 Service Refresh 7 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing mal ...

oval:org.secpod.oval:def:1505848
[1:11.0.16.0.8-1.0.1] - link atomic for ix86 build [1:11.0.16.0.8-1] - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8284920 patch now upstreamed - Print release file during build, which should now in ...

oval:org.secpod.oval:def:1505849
[1:11.0.16.0.8-1] - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update ...

oval:org.secpod.oval:def:82245
The host is installed with Oracle Java SE through 7u343, 8u333, 11.0.15.1, 17.0.3.1 or 18.0.1.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Hotspot. Successful exploitation allows attackers to affect integrity.

oval:org.secpod.oval:def:1601579
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ...

oval:org.secpod.oval:def:1601578
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ...

oval:org.secpod.oval:def:86431
openjdk-17: Open Source Java implementation - openjdk-18: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:97673
[CLSA-2022:1661176564] Fixed 50 CVEs in java-1.7.0-openjdk

oval:org.secpod.oval:def:1701005
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unaut ...

oval:org.secpod.oval:def:1700999
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ...

oval:org.secpod.oval:def:707659
openjdk-17: Open Source Java implementation - openjdk-18: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:82249
The host is installed with Oracle Java SE through 7u343, 8u333, 11.0.15.1, 17.0.3.1 or 18.0.1.1, or Azul Zulu 7 before 7.55, 8 before 8.63, 11 before 11.57, 13 before 13.49, 15 before 15.41, or 17 before 17.35 and is prone to an unspecified vulnerability. A flaw is present in the application, which ...

*CVE
CVE-2022-21541

© SecPod Technologies