RHSA-2019:3127-01 -- Redhat java-11-openjdkID: oval:org.secpod.oval:def:503361 | Date: (C)2019-10-18 (M)2022-11-07 |
Class: PATCH | Family: unix |
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn * OpenJDK: Out of bounds access in optimized String indexof implementation * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection * OpenJDK: Missing restrictions on use of custom SocketImpl * OpenJDK: NULL pointer dereference in DrawGlyphList * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression * OpenJDK: Unexpected exception thrown during Font object deserialization * OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler * OpenJDK: Integer overflow in bounds check in SunGraphics2D * OpenJDK: Excessive memory allocation in CMap when reading TrueType font * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |