SUSE-SU-2022:14875-1 -- SLES java-1_7_1-ibmID: oval:org.secpod.oval:def:89045922 | Date: (C)2022-02-17 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for java-1_7_1-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. - CVE-2021-35586: Excessive memory allocation in BMPImageReader. - CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. - CVE-2021-35559: Excessive memory allocation in RTFReader. - CVE-2021-35556: Excessive memory allocation in RTFParser. - CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. - CVE-2021-35588: Incomplete validation of inner class references in ClassFileParser. - CVE-2021-2341: Fixed a flaw inside the FtpClient. - CVE-2021-2369: JAR file handling problem containing multiple MANIFEST.MF files. - CVE-2021-2432: Fixed a vulnerability in the omponent JNDI. - CVE-2021-2163: Incomplete enforcement of JAR signing disabled algorithms
Platform: |
SUSE Linux Enterprise Server 11 SP4 |