Download
| Alert*
oval:org.secpod.oval:def:2500407
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:89045788 This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ... oval:org.secpod.oval:def:89045740 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:1700734 There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availab ... oval:org.secpod.oval:def:205903 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:706259 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:506385 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:76501 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:506389 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:506388 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:78137 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:506387 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:89045777 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:89045774 This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ... oval:org.secpod.oval:def:75580 The host is installed with Oracle Java SE through 7u311, 8u301 or 11.0.12 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:2106968 Oracle Solaris 11 - ( CVE-2021-3518 ) oval:org.secpod.oval:def:1700766 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network a ... oval:org.secpod.oval:def:89047182 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:605669 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. The oldstable distribution , needs additional updates to be able to build 11.0.13. An update will be pr ... oval:org.secpod.oval:def:120906 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:506797 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP5. Security Fix: * OpenJDK: Weak ciphers preferred over stronger ones for TLS * OpenJDK: Incomplete deserialization class filtering in Ob ... oval:org.secpod.oval:def:75565 The host is installed with Oracle Java SE through 7u311, 8u301 or 11.0.12 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:1505155 [1:11.0.13.0.8-1.0.1] - link atomic for ix86 build [1:11.0.13.0.8-1] - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves: rhbz#2012332 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball ... oval:org.secpod.oval:def:75496 The host is installed with Oracle Java SE through 7u311, 8u301 or 11.0.12 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:506798 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5-FP5. Security Fix: * OpenJDK: Weak ciphers preferred over stronger ones for TLS * OpenJDK: Incomplete deserialization class fil ... oval:org.secpod.oval:def:1505159 [1:1.8.0.312.b07-1] - Update to aarch64-shenandoah-jdk8u312-b07 - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2011826 [1:1.8.0.312.b05-0.3.ea] - Add patch to improve performance of common separato ... oval:org.secpod.oval:def:1601509 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network a ... oval:org.secpod.oval:def:1505158 [1:1.8.0.312.b07-1] - Update to aarch64-shenandoah-jdk8u312-b07 - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2011826 [1:1.8.0.312.b05-0.4.ea] - Allow plain key import to be disabled with -Dcom.re ... oval:org.secpod.oval:def:1505157 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2012333 [1:11.0.13.0.7-0.1.ea] - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Update ... oval:org.secpod.oval:def:120911 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:120910 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:2500511 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:88318 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. The oldstable distribution , needs additional updates to be able to build 11.0.13. An update will be pr ... oval:org.secpod.oval:def:86651 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:75913 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:75912 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:77019 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:120916 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:205911 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:89045792 This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFReader . - ... oval:org.secpod.oval:def:605730 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:97673 [CLSA-2022:1661176564] Fixed 50 CVEs in java-1.7.0-openjdk oval:org.secpod.oval:def:75411 The host is installed with Oracle Java SE through 7u311, 8u301 or 11.0.12, or Azul Zulu 6 before 6.43, 7 before 7.49, 8 before 8.57, 11 before 11.51 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitat ... |