SUSE-SU-2023:3441-1 -- SLES java-1_8_0-ibmID: oval:org.secpod.oval:def:89049320 | Date: (C)2023-08-30 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 10 * CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. * CVE-2023-22041: Fixed a flaw whcih could allow unauthorized access to critical data or complete access. * CVE-2023-22049: Fixed a flaw which could result in unauthorized update. * CVE-2023-22045: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. * CVE-2023-22044: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. * CVE-2023-22036: Fixed a flaw which could result in unauthorized ability to cause a partial denial of service. * CVE-2023-25193: Fixed a flaw which could allows attackers to trigger O growth via consecutive marks during the process of looking back for base glyphs when attaching marks. * CVE-2023-22006: Fixed a flaw which could result in unauthorized update, insert or delete access for JDK accessible data
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Server 15 SP1 |