RHSA-2022:1729-01 -- Redhat java-17-openjdkID: oval:org.secpod.oval:def:506975 | Date: (C)2022-06-10 (M)2024-02-29 |
Class: PATCH | Family: unix |
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Improper ECDSA signature verification * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler * OpenJDK: Missing check for negative ObjectIdentifier * OpenJDK: URI parsing inconsistencies For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 9 |