Gentoo Linux Security Advisory 201903-14 - Multiple vulnerabilities have been found in Oracleas JDK and JRE software suites. Versions less than 1.8.0.202 are affected.
c381dad8caa69e0787771dadeb9e4838aadfef674832136569f7bed7299726ac
Ubuntu Security Notice 3691-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.
7d06ec77a02bfafefe9a5d49677b3d153c5882a5ed1dc168714bceea224ce19e
Debian Linux Security Advisory 4225-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
dda5d0fcd2be222346aff61463dc08a6de7bd42db79fa9a53a40e92f636e1c7d
Ubuntu Security Notice 3644-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.
da85077bce5ffaf12b06fc7b23e6cb9ec18575e068ff9522ebf87774d77786ce
Red Hat Security Advisory 2018-1278-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
bc4c1a7de774c5033cc7404b418e1050514213ab7f4c0f78240d803da8a857cd
Red Hat Security Advisory 2018-1270-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
90abdfd20e9beeed02d72eb4ed3bc4db43bd1d767f10dfd4a03634eaa8fb6887
Debian Linux Security Advisory 4185-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
4b50e9d98efd4b23a87cb5dbfd928c095176bb7fb220d433ff5d2a7e1b55123a
Red Hat Security Advisory 2018-1206-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 181. Issues addressed include a bypass vulnerability.
e5bf1029e4aa44dcd69aad7fa41383bcb94974454c28d57057decc3737455dec
Red Hat Security Advisory 2018-1205-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 191. Issues addressed include a bypass vulnerability.
823e9ee4a3864d6938ab6997285da5e0b5f4892cd4d23fe838a510bc98302381
Red Hat Security Advisory 2018-1201-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 181. Issues addressed include a bypass vulnerability.
f0af30a7d0964d92200b4de2a66f9a7b450a0a66dab48679eb81c619c2562dea
Red Hat Security Advisory 2018-1204-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 171. Issues addressed include a bypass vulnerability.
e625595928eee1bee979150635556c97b39e82000588df28d2586498feb5fd54
Red Hat Security Advisory 2018-1203-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 191. Issues addressed include a bypass vulnerability.
c56a64523d47778f1f10476c8ece3fe2a159457a60fc96b3ccfe9bc4b8a34601
Red Hat Security Advisory 2018-1202-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 171. Issues addressed include a bypass vulnerability.
4a4568e2eff3179d27ae9133da42c48605d7293bda38106834c4a97ce41db187
Red Hat Security Advisory 2018-1191-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
025e0cde2194670d686b880f3a9df16fc361bc15e48a96bca36432c1b9e36190
Red Hat Security Advisory 2018-1188-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
87ae60024967af1a3267d9309cb4cf6625b7d944c43b3532d2896668bae46549