RLSA-2022:1442 --- java-11-openjdkID: oval:org.secpod.oval:def:4500901 | Date: (C)2023-04-03 (M)2024-02-29 |
Class: PATCH | Family: unix |
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler * OpenJDK: Missing check for negative ObjectIdentifier * OpenJDK: URI parsing inconsistencies For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.