Download
| Alert*
oval:org.secpod.oval:def:2500527
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:121617 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:1700848 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:1700974 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:506657 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:77494 The host is installed with Oracle Java SE through 7u321, 8u311, 11.0.13 or 17.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect Availability. oval:org.secpod.oval:def:4500906 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:2500518 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:2500517 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:506661 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:1505382 [1:11.0.14.0.9-2] - Fix FIPS issues in native code and with initialisation of java.security.Security - Related: rhbz#2039366 [1:11.0.14.0.9-1] - Update to jdk-11.0.14.0+9 - Update release notes to 11.0.14.0+9 - Switch to GA mode for final release. - This tarball is embargoed until 2022-01-18 @ 1pm P ... oval:org.secpod.oval:def:3000319 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure. oval:org.secpod.oval:def:506662 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:77313 The host is installed with Oracle Java SE through 7u321, 8u311, 11.0.13 or 17.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect Availability. oval:org.secpod.oval:def:205933 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:1700845 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:89046068 This update for java-11-openjdk fixes the following issues: - CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT Transfor ... oval:org.secpod.oval:def:89046141 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 Including the following security fixes: - CVE-2022-21248, bsc#1194926: Enhance cross VM serialization - CVE-2022-21283, bsc#1194937: Better String matching - CVE-2022-21293, bsc#1194935: Improve String constru ... oval:org.secpod.oval:def:205935 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl * OpenJDK: Unexp ... oval:org.secpod.oval:def:706338 openjdk-17: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:89046140 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 Including the following security fixes: - CVE-2022-21248, bsc#1194926: Enhance cross VM serialization - CVE-2022-21283, bsc#1194937: Better String matching - CVE-2022-21293, bsc#1194935: Improve String constru ... oval:org.secpod.oval:def:2107078 Oracle Solaris 11 - ( CVE-2022-21271 ) oval:org.secpod.oval:def:89046171 This update for java-1_8_0-ibm fixes the following issues: Update Java 8.0 to Service Refresh 7 Fix Pack 5 . Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277, CVE-2022-212 ... oval:org.secpod.oval:def:4501069 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl * OpenJDK: Unexp ... oval:org.secpod.oval:def:506676 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl * OpenJDK: Unexp ... oval:org.secpod.oval:def:506797 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP5. Security Fix: * OpenJDK: Weak ciphers preferred over stronger ones for TLS * OpenJDK: Incomplete deserialization class filtering in Ob ... oval:org.secpod.oval:def:1505392 [1:1.8.0.322.b06-2] - Fix FIPS issues in native code and with initialisation of java.security.Security - Related: rhbz#2039366 [1:1.8.0.322.b06-1] - Update to aarch64-shenandoah-jdk8u322-b06 - Update release notes for 8u322-b06. - Switch to GA mode for final release. - Require tzdata 2021e as of JD ... oval:org.secpod.oval:def:506675 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl * OpenJDK: Unexp ... oval:org.secpod.oval:def:77477 The host is installed with Oracle Java SE through 7u321, 8u311, 11.0.13 or 17.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect Availability. oval:org.secpod.oval:def:121688 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:1505395 [1:1.8.0.322.b06-1] - Update to aarch64-shenandoah-jdk8u322-b06 - Update release notes for 8u322-b06. - Switch to GA mode for final release. - Require tzdata 2021e as of JDK-8275766. - Update tarball generation script to use git following shenandoah-jdk8u"s move to github - Resolves: rhbz#2039366 [ ... oval:org.secpod.oval:def:506798 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5-FP5. Security Fix: * OpenJDK: Weak ciphers preferred over stronger ones for TLS * OpenJDK: Incomplete deserialization class fil ... oval:org.secpod.oval:def:1505433 [1:11.0.14.0.9-1.0.1] - link atomic for ix86 build [1:11.0.14.0.9-1] - Update to jdk-11.0.14.0+9 - Update release notes to 11.0.14.0+9 - Switch to GA mode for final release. - This tarball is embargoed until 2022-01-18 @ 1pm PT. - Resolves: rhbz#2039366 [1:11.0.14.0.8-0.1.ea] - Update to jdk-11.0.14 ... oval:org.secpod.oval:def:605785 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure. oval:org.secpod.oval:def:89046176 This update for java-1_7_1-ibm fixes the following issues: Update Java 7.1 to Service Refresh 7 Fix Pack 5 . Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277, CVE-2022-212 ... oval:org.secpod.oval:def:605782 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure. oval:org.secpod.oval:def:3301045 SUSE Security Update: Security update for java-1_8_0-openjdk oval:org.secpod.oval:def:86651 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:4501091 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor * OpenJDK: In ... oval:org.secpod.oval:def:78155 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure. oval:org.secpod.oval:def:78432 openjdk-17: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:89047616 This update for java-11-openjdk fixes the following issues: - CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT Transfor ... oval:org.secpod.oval:def:1505440 [1:17.0.2.0.8-4] - Fix FIPS issues in native code and with initialisation of java.security.Security - Related: rhbz#2039366 [1:17.0.2.0.8-3] - Update tapsets from IcedTea 6.x repository with fix for JDK-8015774 changes oval:org.secpod.oval:def:121613 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:121579 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:121491 The OpenJDK 11 runtime environment. oval:org.secpod.oval:def:89046167 This update for java-1_8_0-ibm fixes the following issues: Update Java 8.0 to Service Refresh 7 Fix Pack 5 . Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277, CVE-2022-212 ... oval:org.secpod.oval:def:121490 The OpenJDK 17 runtime environment. oval:org.secpod.oval:def:86601 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure. oval:org.secpod.oval:def:3301357 SUSE Security Update: Security update for java-1_8_0-ibm oval:org.secpod.oval:def:89046162 This update for java-1_7_1-ibm fixes the following issues: Update Java 7.1 to Service Refresh 7 Fix Pack 5 . Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277, CVE-2022-212 ... oval:org.secpod.oval:def:1601579 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:1601578 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:97673 [CLSA-2022:1661176564] Fixed 50 CVEs in java-1.7.0-openjdk oval:org.secpod.oval:def:1700999 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:77333 The host is installed with Oracle Java SE through 7u321, 8u311, 11.0.13 or 17.0.1, or Azul Zulu 6 before 6.45, 7 before 7.51, 8 before 8.59, 11 before 11.53, 13 before 13.45, or 15 before 15.37 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle ... oval:org.secpod.oval:def:1701191 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... |