Gentoo Linux Security Advisory 201903-14 - Multiple vulnerabilities have been found in Oracleas JDK and JRE software suites. Versions less than 1.8.0.202 are affected.
c381dad8caa69e0787771dadeb9e4838aadfef674832136569f7bed7299726acRed Hat Security Advisory 2018-1975-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include a deserialization vulnerability.
8195fccd479514f27690fbfaf526994432154f6f8c773640850c17eae2361e26Red Hat Security Advisory 2018-1974-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
845e1273b91ea122e2412665711776fc99d8d94609b34d54213ab9e3c6cfcc70Ubuntu Security Notice 3691-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.
7d06ec77a02bfafefe9a5d49677b3d153c5882a5ed1dc168714bceea224ce19eDebian Linux Security Advisory 4225-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
dda5d0fcd2be222346aff61463dc08a6de7bd42db79fa9a53a40e92f636e1c7dRed Hat Security Advisory 2018-1724-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
2e5dd86e7bb7be2ad0379be9bb23b5763cf5029804d3da6d6184572e3beeb0deRed Hat Security Advisory 2018-1723-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
336aa8a03be2a5c8ac78bdbe977acefaf909e808d197a57be5714d9740292384Red Hat Security Advisory 2018-1722-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include a deserialization vulnerability.
edc73d4ed7139837602c028e2ae9536c4f1081766c634964c910b44a2140e2d2Red Hat Security Advisory 2018-1721-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include deserialization vulnerabilities.
0272152fff5c50359d88831a1d656b2adf44cce4c367b7458def6c8f94cc9d77Ubuntu Security Notice 3644-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.
da85077bce5ffaf12b06fc7b23e6cb9ec18575e068ff9522ebf87774d77786ceRed Hat Security Advisory 2018-1278-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
bc4c1a7de774c5033cc7404b418e1050514213ab7f4c0f78240d803da8a857cdRed Hat Security Advisory 2018-1270-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
90abdfd20e9beeed02d72eb4ed3bc4db43bd1d767f10dfd4a03634eaa8fb6887Debian Linux Security Advisory 4185-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
4b50e9d98efd4b23a87cb5dbfd928c095176bb7fb220d433ff5d2a7e1b55123aRed Hat Security Advisory 2018-1206-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 181. Issues addressed include a bypass vulnerability.
e5bf1029e4aa44dcd69aad7fa41383bcb94974454c28d57057decc3737455decRed Hat Security Advisory 2018-1201-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 181. Issues addressed include a bypass vulnerability.
f0af30a7d0964d92200b4de2a66f9a7b450a0a66dab48679eb81c619c2562deaRed Hat Security Advisory 2018-1204-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 171. Issues addressed include a bypass vulnerability.
e625595928eee1bee979150635556c97b39e82000588df28d2586498feb5fd54Red Hat Security Advisory 2018-1202-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 171. Issues addressed include a bypass vulnerability.
4a4568e2eff3179d27ae9133da42c48605d7293bda38106834c4a97ce41db187Red Hat Security Advisory 2018-1191-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
025e0cde2194670d686b880f3a9df16fc361bc15e48a96bca36432c1b9e36190Red Hat Security Advisory 2018-1188-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
87ae60024967af1a3267d9309cb4cf6625b7d944c43b3532d2896668bae46549
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed