Download
| Alert*
oval:org.secpod.oval:def:2500407
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:120923 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:89045938 This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. - CVE-2021-35586: Excessive memory all ... oval:org.secpod.oval:def:89045937 This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. - CVE-2021-35586: Excessive memory all ... oval:org.secpod.oval:def:506530 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * OpenJDK: Excessive memory allocation in RTFParser * OpenJDK: Excessiv ... oval:org.secpod.oval:def:89045788 This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ... oval:org.secpod.oval:def:89045740 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:1700734 There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availab ... oval:org.secpod.oval:def:89045940 This update for java-1_7_1-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. - CVE-2021-35586: Excessive memory all ... oval:org.secpod.oval:def:205903 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:706259 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:506385 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:506389 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:76501 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:75576 The host is installed with Oracle Java SE through 7u311, 8u301, 11.0.12 or 17 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Swing. Successful exploitation allows attackers to affect Availability. oval:org.secpod.oval:def:506388 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:78137 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:506387 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:89045777 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:506622 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7. Security Fix: * Oracle JDK: unspecified vulnerability fixed in 8u311 * OpenJDK: Loop in HttpsServer triggered during TLS session close * ... oval:org.secpod.oval:def:89045774 This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ... oval:org.secpod.oval:def:2106968 Oracle Solaris 11 - ( CVE-2021-3518 ) oval:org.secpod.oval:def:1700766 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network a ... oval:org.secpod.oval:def:85651 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:89047182 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:605669 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. The oldstable distribution , needs additional updates to be able to build 11.0.13. An update will be pr ... oval:org.secpod.oval:def:4501346 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * OpenJDK: Excessive memory allocation in RTFParser * OpenJDK: Excessiv ... oval:org.secpod.oval:def:120906 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:506794 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Excessive memory allocation in RTFP ... oval:org.secpod.oval:def:1505155 [1:11.0.13.0.8-1.0.1] - link atomic for ix86 build [1:11.0.13.0.8-1] - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves: rhbz#2012332 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball ... oval:org.secpod.oval:def:89045922 This update for java-1_7_1-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. - CVE-2021-35586: Excessive memory all ... oval:org.secpod.oval:def:1505273 [1:17.0.1.0.12-2] - Extend LTS check to exclude EPEL. - Related: rhbz#2013841 [1:17.0.1.0.12-2] - Set LTS designator. - Related: rhbz#2013841 [1:17.0.1.0.12-1] - Drop JDK-8272332/RH2004078 patch which is upstream in 17.0.1 - Resolves: rhbz#2013841 [1:17.0.1.0.12-1] - October CPU update to jdk 17.0.1 ... oval:org.secpod.oval:def:1505159 [1:1.8.0.312.b07-1] - Update to aarch64-shenandoah-jdk8u312-b07 - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2011826 [1:1.8.0.312.b05-0.3.ea] - Add patch to improve performance of common separato ... oval:org.secpod.oval:def:1601509 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network a ... oval:org.secpod.oval:def:1505158 [1:1.8.0.312.b07-1] - Update to aarch64-shenandoah-jdk8u312-b07 - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2011826 [1:1.8.0.312.b05-0.4.ea] - Allow plain key import to be disabled with -Dcom.re ... oval:org.secpod.oval:def:78638 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:1505157 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2012333 [1:11.0.13.0.7-0.1.ea] - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Update ... oval:org.secpod.oval:def:120911 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:120910 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:2500511 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:88318 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. The oldstable distribution , needs additional updates to be able to build 11.0.13. An update will be pr ... oval:org.secpod.oval:def:2500354 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:75913 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Op ... oval:org.secpod.oval:def:75912 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:77019 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:120916 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:75561 The host is installed with Oracle Java SE through 7u311, 8u301, 11.0.12 or 17 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Swing. Successful exploitation allows attackers to affect Availability. oval:org.secpod.oval:def:205911 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Loop in HttpsServer triggered during TLS session close * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation * Ope ... oval:org.secpod.oval:def:120921 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:89045792 This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFReader . - ... oval:org.secpod.oval:def:605730 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:605693 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:97673 [CLSA-2022:1661176564] Fixed 50 CVEs in java-1.7.0-openjdk oval:org.secpod.oval:def:75412 The host is installed with Oracle Java SE through 7u311, 8u301, 11.0.12 or 17, or Azul Zulu 6 before 6.43, 7 before 7.49, 8 before 8.57, 11 before 11.51, 13 before 13.43, or 15 before 15.35 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vect ... |