The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl * OpenJDK: Unexpected exception thrown in regex Pattern * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization * OpenJDK: Incorrect IdentityHashMap size checks during deserialization * OpenJDK: Incorrect access checks in XMLEntityManager * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner * OpenJDK: Array indexing issues in LIRGenerator * OpenJDK: Excessive resource use when reading JAR manifest attributes * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream * OpenJDK: Excessive memory allocation in BMPImageReader * OpenJDK: Integer overflow in BMPImageReader For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.