Download
| Alert*
oval:org.secpod.oval:def:1601579
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:1601578 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:506970 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impr ... oval:org.secpod.oval:def:4500901 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impro ... oval:org.secpod.oval:def:506975 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Improper ECDSA signature verification * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when com ... oval:org.secpod.oval:def:1505577 [1:17.0.3.0.6-2] - Add JDK-8284920 fix for XPath regression - Related: rhbz#2073575 [1:17.0.3.0.6-2] - JDK-8275082 should be listed as also resolving JDK-8278008 CVE-2022-21476 - Related: rhbz#2073575 [1:17.0.3.0.6-1] - JDK-8283911 patch no longer needed now we"re GA... - Resolves: rhbz#2073575 [1: ... oval:org.secpod.oval:def:506816 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impro ... oval:org.secpod.oval:def:89047404 This update for java-11-openjdk fixes the following issues: - CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols . - CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multipl ... oval:org.secpod.oval:def:1505576 [1:11.0.15.0.9-2.0.1] - link atomic for ix86 build [1:11.0.15.0.9-2] - Add JDK-8284920 fix for XPath regression - Related: rhbz#2073422 [1:11.0.15.0.9-2] - Remove security items from release notes that were only in 17u and N/A for 11u - Related: rhbz#2073422 [1:11.0.15.0.9-1] - Update to jdk-11.0.15 ... oval:org.secpod.oval:def:506819 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impr ... oval:org.secpod.oval:def:1505579 [1:1.8.0.332.b09-1] - Update to shenandoah-jdk8u332-b09 - Update release notes for 8u332-b09. - Switch to GA mode for final release. - This tarball is embargoed until 2022-04-19 @ 1pm PT. - Resolves: rhbz#2073422 [1:1.8.0.332.b06-0.1.ea] - Update to shenandoah-jdk8u332-b06 - Update release notes f ... oval:org.secpod.oval:def:506818 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Improper ECDSA signature verification * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when com ... oval:org.secpod.oval:def:1505578 [1:1.8.0.332.b09-1] - Update to shenandoah-jdk8u332-b09 - Update release notes for 8u332-b09. - Switch to GA mode for final release. - This tarball is embargoed until 2022-04-19 @ 1pm PT. - Resolves: rhbz#2073422 [1:1.8.0.332.b06-0.1.ea] - Update to shenandoah-jdk8u332-b06 - Update release notes f ... oval:org.secpod.oval:def:3301225 SUSE Security Update: Security update for java-11-openjdk oval:org.secpod.oval:def:506817 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk . Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJD ... oval:org.secpod.oval:def:607380 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure, incorrect validation of ECDSA signatures or denial of service. oval:org.secpod.oval:def:706427 openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:2500574 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:607382 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure or denial of service. oval:org.secpod.oval:def:86431 openjdk-17: Open Source Java implementation - openjdk-18: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:4501039 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impr ... oval:org.secpod.oval:def:89046815 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 7 Fix Pack 10 , including fixes for: - CVE-2022-21476 , CVE-2022-21449 , CVE-2022-21496 , CVE-2022-21434 , CVE-2022-21426 , CVE-2022-21443 , CVE-2021-35561 , CVE-2022-21299 . oval:org.secpod.oval:def:1700886 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unaut ... oval:org.secpod.oval:def:1700885 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unaut ... oval:org.secpod.oval:def:1700884 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unaut ... oval:org.secpod.oval:def:97673 [CLSA-2022:1661176564] Fixed 50 CVEs in java-1.7.0-openjdk oval:org.secpod.oval:def:506820 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impr ... oval:org.secpod.oval:def:4501106 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Improper ECDSA signature verification * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when com ... oval:org.secpod.oval:def:3301334 SUSE Security Update: Security update for java-1_8_0-openjdk oval:org.secpod.oval:def:3301335 SUSE Security Update: Security update for java-1_8_0-ibm oval:org.secpod.oval:def:86389 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure, incorrect validation of ECDSA signatures or denial of service. oval:org.secpod.oval:def:88521 openjdk-17: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:1505591 [1:11.0.15.0.9-2] - Add JDK-8284920 fix for XPath regression - Related: rhbz#2073422 [1:11.0.15.0.9-2] - Remove security items from release notes that were only in 17u and N/A for 11u - Related: rhbz#2073422 [1:11.0.15.0.9-1] - Update to jdk-11.0.15.0+9 - Update release notes to 11.0.15.0+9 - Switch ... oval:org.secpod.oval:def:89046804 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u332 - April 2022 CPU - CVE-2022-21426: Better XPath expression handling - CVE-2022-21443: Improved Object Identification - CVE-2022-21434: Better invocation handler handling - CVE-2022-21476: Improve Santuario ... oval:org.secpod.oval:def:89046814 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 5 Fix Pack 10 , including fixes for: - CVE-2022-21476 , CVE-2022-21449 , CVE-2022-21496 , CVE-2022-21434 , CVE-2022-21426 , CVE-2022-21443 , CVE-2021-35561 , CVE-2022-21299 . oval:org.secpod.oval:def:1701005 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unaut ... oval:org.secpod.oval:def:1505874 [1:17.0.3.0.7-1] - April 2022 security update to jdk 17.0.3+7 - Update to jdk-17.0.3.0+7 tarball - Update release notes to 17.0.3.0+7 - Add missing README.md and generate_source_tarball.sh - Resolves: rhbz#2073578 oval:org.secpod.oval:def:89046810 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u332 - April 2022 CPU - CVE-2022-21426: Better XPath expression handling - CVE-2022-21443: Improved Object Identification - CVE-2022-21434: Better invocation handler handling - CVE-2022-21476: Improve Santuario ... oval:org.secpod.oval:def:1700999 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated at ... oval:org.secpod.oval:def:1505875 [1:1.8.0.332.b09-1] - Update to shenandoah-jdk8u332-b09 - Update release notes for 8u332-b09. - Resolves: rhbz#2074649 oval:org.secpod.oval:def:707659 openjdk-17: Open Source Java implementation - openjdk-18: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:80430 openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:80398 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure or denial of service. oval:org.secpod.oval:def:2500618 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:706430 openjdk-17: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:79046 The host is installed with Oracle Java SE through 7u331, 8u321, 11.0.14, 17.0.2 or 18 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Libraries. Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:97642 [CLSA-2022:1654174749] Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496 oval:org.secpod.oval:def:1505883 [1:11.0.15.0.10-1] - Update to jdk-11.0.15.0+10 - Update release notes to 11.0.15.0+10 - Switch to GA mode for release - Rebase RH1996182 FIPS patch after JDK-8254410 - Resolves: rhbz#2073594 oval:org.secpod.oval:def:506964 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Impro ... oval:org.secpod.oval:def:205955 Security Fix: OpenJDK: Defective secure validation in Apache Santuario OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler OpenJDK: Missing check for negative ObjectIdentifier OpenJDK: URI ... oval:org.secpod.oval:def:89046841 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 7 Fix Pack 10 [bsc#1201643] - CVE-2022-21476 , CVE-2022-21449 , CVE-2022-21496 , CVE-2022-21434 , CVE-2022-21426 , CVE-2022-21443 , CVE-2021-35561 , CVE-2022-21299 . oval:org.secpod.oval:def:2500545 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:205956 Security Fix: OpenJDK: Defective secure validation in Apache Santuario OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler OpenJDK: Missing check for negative ObjectIdentifier OpenJDK: URI ... oval:org.secpod.oval:def:89046282 This update for java-11-openjdk fixes the following issues: - CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols . - CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multipl ... oval:org.secpod.oval:def:89046283 This update for java-11-openjdk fixes the following issues: - CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols . - CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multipl ... oval:org.secpod.oval:def:79053 The host is installed with Oracle Java SE through 7u331, 8u321, 11.0.14, 17.0.2 or 18, or Azul Zulu 6 before 6.47, 7 before 7.53, 8 before 8.61, 11 before 11.55, 13 before 13.47, 15 before 15.39, or 17 before 17.33 and is prone to an unspecified vulnerability. A flaw is present in the application, w ... |