RHSA-2022:0968-01 -- Redhat javaID: oval:org.secpod.oval:def:506797 | Date: (C)2022-10-20 (M)2024-02-19 |
Class: PATCH | Family: unix |
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP5. Security Fix: * OpenJDK: Weak ciphers preferred over stronger ones for TLS * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization * OpenJDK: Incorrect IdentityHashMap size checks during deserialization * OpenJDK: Excessive resource use when reading JAR manifest attributes * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream * OpenJDK: Excessive memory allocation in BMPImageReader * OpenJDK: Integer overflow in BMPImageReader * OpenJDK: Non-constant comparison during TLS handshakes For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |