Gentoo Linux Security Advisory 201908-10 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites. Versions less than 1.8.0.202:1.8 are affected.
92eaf04612298402d520565d158aa4cdf0610a9748c3117d082bf3e1de650ebc
Red Hat Security Advisory 2018-3521-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include improper field access checks.
de949b263bbfc36b1296f1a9a13e63a555b2d7005bddc5b1bee8a2150076f2ee
Ubuntu Security Notice 3804-1 - It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. Artem Smotrakov discovered that the HTTP client redirection handler implementation in OpenJDK did not clear potentially sensitive information in HTTP headers when following redirections to different hosts. An attacker could use this to expose sensitive information. Various other issues were also addressed.
e15df950ae42ae2ab659edb3e6cfece0fc615c4b7f8a387f8da9c1dd1bc78e46