[Forgot Password]
Login  Register Subscribe

26408

 
 

132812

 
 

153620

 
 

909

 
 

123403

 
 

162

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2018:2242 -- centos 7 java-1.8.0-openjdk

ID: oval:org.secpod.oval:def:204859Date: (C)2018-07-31   (M)2020-10-15
Class: PATCHFamily: unix




The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: insufficient index validation in PatternSyntaxException getMessage For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. Bug Fix: * This update applies changes from OpenJDK upstream version 8u172, which provides a number of bug fixes over the previous version, 8u171. * OpenJDK was recently updated to support reading the system certificate authority database directly. As an unintended consequence, this removed the ability to read certificates from the user-provided jssecacerts file. With this update, that ability is restored by reading from that file first, if available

Platform:
CentOS 7
Product:
java-1.8.0-openjdk
Reference:
CESA-2018:2242
CVE-2018-2952
CVE    1
CVE-2018-2952
CPE    2
cpe:/o:centos:centos:7
cpe:/a:oracle:java-1.8.0-openjdk

© SecPod Technologies