Ubuntu Security Notice 4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.
b2f8d3392cdd91986b9855643afae96bc0a7988a22f7cd705a4412588de93befRed Hat Security Advisory 2019-1839-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
0a13367a5983baf5fd94b6e99fd1e90d4d62cd0e78706bd0f4e6b11c0feaa972Red Hat Security Advisory 2019-1840-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
efe76a83a18f395a632251059095882c6835ea73f49af86d8e44dab14a216d65Red Hat Security Advisory 2019-1811-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
1f26352062bc0ee29c1b17bd8159dd573ce3ba39da8123d3bb174812831a8048Red Hat Security Advisory 2019-1815-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
7290f02847291817e8143054378a220d432a45dd9217b65bfe0e3cebdf75582cRed Hat Security Advisory 2019-1816-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
51eeca9bbacbd7b108837b5bf831778b79ff345fba2bbd608e74df1376a43fb5Debian Linux Security Advisory 4485-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised.
2a6a5cef5dc45e687e7298af94ae6fbff3a526cf53d7d6f9ca470b198ee2ad73
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed