Download
| Alert*
oval:org.secpod.oval:def:707799
openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:2600056 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:3301339 SUSE Security Update: Security update for java-1_8_0-ibm oval:org.secpod.oval:def:507221 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:507220 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:5800063 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpServer no connection count limit * OpenJDK: improper handling of long N ... oval:org.secpod.oval:def:89047915 This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.17+8 - CVE-2022-39399: Improve HTTP/2 client usage - CVE-2022-21628: Better HttpServer service - CVE-2022-21624: Enhance icon presentations - CVE-2022-21619: Improve NTLM support - CVE-2022-21626: Key X509 usages - ... oval:org.secpod.oval:def:1601652 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability all ... oval:org.secpod.oval:def:5800064 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:507427 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Security Fix: * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpServer no connection count limit * ... oval:org.secpod.oval:def:205986 Security Fix: OpenJDK: excessive memory allocation in X.509 certificate parsing OpenJDK: HttpServer no connection count limit OpenJDK: improper handling of long NTLM client hostnames OpenJDK: insufficient randomization of JNDI DNS port numbers For more details about the security issue, inclu ... oval:org.secpod.oval:def:610363 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:4500942 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpServer no connection count limit * OpenJDK: improper handling of long N ... oval:org.secpod.oval:def:205983 Security Fix: OpenJDK: improper MultiByte conversion can lead to buffer overflow OpenJDK: excessive memory allocation in X.509 certificate parsing OpenJDK: HttpServer no connection count limit OpenJDK: improper handling of long NTLM client hostnames OpenJDK: insufficient randomization of JND ... oval:org.secpod.oval:def:610367 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:124379 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:124378 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:5800137 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:1701050 Title: Wider MultiByte conversions Buffer overflow is possible due to incorrect byte count . Title: Improve NTLM support writeSecurityBuffer writes a serialized security buffer to be used for NTLM auth. One of the fields that are serialized is a hostname provided by the name resolver. If this hostna ... oval:org.secpod.oval:def:124382 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:124381 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:2600060 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:89047904 This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.17+8 - CVE-2022-39399: Improve HTTP/2 client usage - CVE-2022-21628: Better HttpServer service - CVE-2022-21624: Enhance icon presentations - CVE-2022-21619: Improve NTLM support - CVE-2022-21626: Key X509 usages - ... oval:org.secpod.oval:def:89047913 This update for java-17-openjdk fixes the following issues: - Update to jdk-17.0.5+8 - CVE-2022-39399: Improve HTTP/2 client usage - CVE-2022-21628: Better HttpServer service - CVE-2022-21624: Enhance icon presentations - CVE-2022-21619: Improve NTLM support - CVE-2022-21618: Wider MultiByte oval:org.secpod.oval:def:84928 The host is installed with Oracle Java SE through 8u341, 11.0.16.1, 17.0.4.1 or 19.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JNDI. Successful exploitation allows attackers to affect Integrity. oval:org.secpod.oval:def:1506076 [1.8.0.352.b08-2.0.1] - Replace upstream references [Orabug: 34340145] [1:1.8.0.352.b08-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz#2133695 [1:1.8.0.352.b08-1] - Update to shenandoah-jdk8u352-b08 - Update release ... oval:org.secpod.oval:def:1506079 [1:11.0.17.0.8-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Update CLDR data with Europe/Kyiv - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz#2133695 [1:11.0.17.0.8- ... oval:org.secpod.oval:def:124386 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:124384 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:89336 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:89332 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:4501064 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:124392 The OpenJDK 19 runtime environment. oval:org.secpod.oval:def:124391 The OpenJDK 19 runtime environment. oval:org.secpod.oval:def:1506085 [1:1.8.0.352.b08-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz#2133695 [1:1.8.0.352.b08-1] - Update to shenandoah-jdk8u352-b08 - Update release notes for shenandoah-8u352-b08. - * This tarball is embargoed until 20 ... oval:org.secpod.oval:def:1506086 [11.0.17.0.8-2.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.17.0.8-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Update CLDR data with Europe/Kyiv - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based ... oval:org.secpod.oval:def:1506080 [1:1.8.0.352.b08-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz#2133695 [1:1.8.0.352.b08-1] - Update to shenandoah-jdk8u352-b08 - Update release notes for shenandoah-8u352-b08. - Rebase FIPS patch against 8u352-b07 ... oval:org.secpod.oval:def:1506081 [1:17.0.5.0.8-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Update CLDR data with Europe/Kyiv - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz#2133695 [1:17.0.5.0.8-1] ... oval:org.secpod.oval:def:1601631 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability all ... oval:org.secpod.oval:def:1506082 [1:17.0.5.0.8-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Update CLDR data with Europe/Kyiv - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz#2132934 [1:17.0.5.0.8-1] ... oval:org.secpod.oval:def:4501068 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:3300390 SUSE Security Update: Security update for java-17-openjdk oval:org.secpod.oval:def:1701048 Title: Wider MultiByte conversions Buffer overflow is possible due to incorrect byte count . Title: Improve NTLM support writeSecurityBuffer writes a serialized security buffer to be used for NTLM auth. One of the fields that are serialized is a hostname provided by the name resolver. If this hostna ... oval:org.secpod.oval:def:89047981 This update for java-1_8_0-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition . - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can compromise Orac ... oval:org.secpod.oval:def:1701047 Title: Wider MultiByte conversions Buffer overflow is possible due to incorrect byte count . Title: Improve NTLM support writeSecurityBuffer writes a serialized security buffer to be used for NTLM auth. One of the fields that are serialized is a hostname provided by the name resolver. If this hostna ... oval:org.secpod.oval:def:89048034 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352 : - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ... oval:org.secpod.oval:def:3301240 SUSE Security Update: Security update for java-11-openjdk oval:org.secpod.oval:def:86650 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:3300852 SUSE Security Update: Security update for java-1_8_0-openjdk oval:org.secpod.oval:def:86097 openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:2600048 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:508182 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Security Fix: OpenJDK: excessive memory allocation in X.509 certificate parsing OpenJDK: HttpServer no connection count limit OpenJ ... oval:org.secpod.oval:def:507211 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpServer no connection count limit * OpenJDK: improper handling of long N ... oval:org.secpod.oval:def:4800003 The host is installed with Oracle Java SE through 8u341, 11.0.16.1, 17.0.4.1 or 19.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JNDI. Successful exploitation allows attackers to affect Integrity. oval:org.secpod.oval:def:86092 openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:1506090 [1:11.0.17.0.8-2.0.1] - link atomic for ix86 build [1:11.0.17.0.8-2] - Update in-tree tzdata to 2022e with JDK-8294357 JDK-8295173 - Update CLDR data with Europe/Kyiv - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTe ... oval:org.secpod.oval:def:507215 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpServer no connection count limit * OpenJDK: improper handling of long N ... oval:org.secpod.oval:def:507214 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:2500819 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:507212 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:89047935 This update for java-1_8_0-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition . - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can compromise Orac ... oval:org.secpod.oval:def:507218 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: improper MultiByte conversion can lead to buffer overflow * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpSer ... oval:org.secpod.oval:def:507216 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: excessive memory allocation in X.509 certificate parsing * OpenJDK: HttpServer no connection count limit * OpenJDK: improper handling of long N ... oval:org.secpod.oval:def:2500821 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:84940 The host is installed with Oracle Java SE through 8u341, 11.0.16.1, 17.0.4.1 or 19.0, or Azul Zulu 6 before 6.51.0.12, 7 before 7.57.0.14, 8 before 8.65.0.14, 11 before 11.59.16, 13 before 13.51.14, 15 before 15.43.14, or 17 before 17.37.14 and is prone to an unspecified vulnerability. A flaw is pre ... oval:org.secpod.oval:def:2500820 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:85515 openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:1701157 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability all ... oval:org.secpod.oval:def:84980 The host is installed with Oracle Java SE through 8u341, 11.0.16.1, 17.0.4.1 or 19.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JNDI. Successful exploitation allows attackers to affect Integrity. oval:org.secpod.oval:def:89048022 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352 : - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ... |