Download
| Alert*
oval:org.secpod.oval:def:89510
The host is installed with Oracle Java SE through 11.0.17, 17.0.5 or 19.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:86993 The host is installed with Oracle Java SE through 11.0.17, 17.0.5 or 19.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:87004 The host is installed with Oracle Java SE through 11.0.17, 17.0.5 or 19.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:86944 The host is installed with Oracle Java SE through 11.0.17, 17.0.5 or 19.0.1, or Azul Zulu 11 before 11.61.18, 13 before 13.53.18, 15 before 15.45.18, or 17 before 17.39.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSS ... oval:org.secpod.oval:def:2500926 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:89332 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:2500925 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:89473 openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:4501181 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:507486 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:1506360 [11.0.18.0.10-2.0.1] - Replace upstream references [Orabug: 34340155] [1:11.0.18.0.10-2] - Update to jdk-11.0.18+10 - Update release notes to 11.0.18+10 - Switch to GA mode for release - ** This tarball is embargoed until 2023-01-17 @ 1pm PT. ** - Related: rhbz#2157798 [1:11.0.18.0.9-0.2.ea] - Upda ... oval:org.secpod.oval:def:507468 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:507467 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:507489 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:4501200 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:507469 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:610363 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:1701109 Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. Better Banking of Sounds: JARSoundbankReader can load classes from remote URLs oval:org.secpod.oval:def:124957 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:1506364 [1:17.0.6.0.10-3.0.1] - Replace upstream references [Orabug: 34340155] [1:17.0.6.0.10-3] - Add missing release note for JDK-8295687 - Resolves: rhbz#2160111 [1:17.0.6.0.10-3] - Update FIPS support to bring in latest changes - * OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhb ... oval:org.secpod.oval:def:1506386 [1:11.0.18.0.10-1] - Update to jdk-11.0.18+10 - Update release notes to 11.0.18+10 - Switch to GA mode for release - ** This tarball is embargoed until 2023-01-17 @ 1pm PT. ** - Related: rhbz#2150192 [1:11.0.18.0.9-0.2.ea] - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local c ... oval:org.secpod.oval:def:89048579 This update for java-11-openjdk fixes the following issues: * CVE-2023-21843: Fixed soundbank URL remote loading . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . Bugfixes: * Remove broken accessibility sub-package . oval:org.secpod.oval:def:124956 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:610367 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:89048794 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ... oval:org.secpod.oval:def:3300317 SUSE Security Update: Security update for java-17-openjdk oval:org.secpod.oval:def:2600128 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:89048280 This update for java-11-openjdk fixes the following issues: - CVE-2023-21843: Fixed soundbank URL remote loading . - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . oval:org.secpod.oval:def:5800038 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:707980 openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:1701191 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:2600125 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:5800017 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: handshake DoS attack against DTLS connections * OpenJDK: soundbank URL remote loading For more details about the security issue, including the i ... oval:org.secpod.oval:def:124964 The OpenJDK 19 runtime environment. oval:org.secpod.oval:def:205998 Security Fix: OpenJDK: handshake DoS attack against DTLS connections OpenJDK: soundbank URL remote loading For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fi ... oval:org.secpod.oval:def:1506358 [1:17.0.6.0.10-3] - Add missing release note for JDK-8295687 - Resolves: rhbz#2160111 [1:17.0.6.0.10-3] - Update FIPS support to bring in latest changes - * OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz#2147473 [1:17.0.6.0.10-3] - Fix flatpak builds by disabling TestTrans ... oval:org.secpod.oval:def:89048703 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ... oval:org.secpod.oval:def:124962 The OpenJDK 19 runtime environment. oval:org.secpod.oval:def:1506359 [1:11.0.18.0.10-1] - Update to jdk-11.0.18+10 - Update release notes to 11.0.18+10 - Switch to GA mode for release - ** This tarball is embargoed until 2023-01-17 @ 1pm PT. ** - Related: rhbz#2157797 [1:11.0.18.0.9-0.2.ea] - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local c ... oval:org.secpod.oval:def:124960 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:1701111 Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. Better Banking of Sounds: JARSoundbankReader can load classes from remote URLs oval:org.secpod.oval:def:89336 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. oval:org.secpod.oval:def:89048284 This update for java-17-openjdk fixes the following issues: Updated to version jdk-17.0.6.0+10: - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . - CVE-2023-21843: Fixed soundbank URL remote loading . Bugfixes: - Avoid calling C_GetInfo too early, before cryptoki is initialized ... |