Lucene search

K
mageiaGentoo FoundationMGASA-2020-0069
HistoryJan 30, 2020 - 9:28 p.m.

Updated java-1.8.0-openjdk packages fix security vulnerabilities

2020-01-3021:28:34
Gentoo Foundation
advisories.mageia.org
24

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.4%

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)

OSVersionArchitecturePackageVersionFilename
Mageia7noarchjava< 1.8.0-openjdk-1.8.0.242-1.b08.2java-1.8.0-openjdk-1.8.0.242-1.b08.2.mga7

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.4%