Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.
84c887787fbc010de3680aa29d38e80563065655d3f3e4aab5622447751585c1
Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.
87c3a989ef7c811d1439e85194a5e4c23b3972fb68b3f204b750638318cec97c
Red Hat Security Advisory 2022-1729-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
193acfb8fd4a848662512e967b82bcb4369a13a63c6386e7f82b7dc4abadb38d
Debian Linux Security Advisory 5128-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure, incorrect validation of ECDSA signatures or denial of service.
0324657fa499726b555d7c129504f4c255a5319e525cb25a6e5123a5977dfd00
Debian Linux Security Advisory 5131-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure or denial of service.
0ce1ac4c9b5f847ee5c48b568e5bd589bd60a5500cc76785b6028180f6763265
Red Hat Security Advisory 2022-1747-01 - OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability.
9f53c43845e6989b1ee838b81e5c8b82022554a46d50f3d5c6ed2d4ad233ec23
Red Hat Security Advisory 2022-1436-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements.
3986d0719fae03fa5e12b7c9a78343c416ad00d7ab7087afe97da082bb00891c
Red Hat Security Advisory 2022-1437-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements.
a37d6ee2d94e6ffeb2dfaf615e8f70bf826b0aa11c5ee38db6c1df49a2675d2a
Ubuntu Security Notice 5388-2 - It was discovered that OpenJDK incorrectly verified ECDSA signatures. An attacker could use this issue to bypass the signature verification process. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service.
Red Hat Security Advisory 2022-1445-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
27e8d6fb511014866f15ba6951ab023f4c23de32da54456e4809ffc31b067ac7