Lucene search
+L

CentOS: Security Advisory for java-11-openjdk (CESA-2020:2969)

🗓️ 08 Aug 2020 00:00:00Reported by Copyright (C) 2020 Greenbone Networks GmbHType 
openvas
 openvas
🔗 plugins.openvas.org👁 24 Views

CentOS: Security Advisory for java-11-openjdk (CESA-2020:2969) - OpenJDK update for CentOS

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics
4 Nov 202220:17
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional
12 Nov 202006:32
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i
28 Sep 202015:38
ibm
IBM Security Bulletins
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oracle Jul 2020 CPU plus one additional vulnerability and Oracle deferred from Jan 2020
13 Feb 202100:52
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct FTP+
21 Aug 202018:22
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in Java affecting Watson Knowledge Catalog for IBM Cloud Pak for Data
14 Jan 202115:11
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime 1.8 affect IBM Sterling Secure Proxy
8 Jan 202123:11
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Identity Insight (CVE-2020-14621, CVE-2020-14577)
13 Nov 202019:00
ibm
IBM Security Bulletins
Security Bulletin: A vulnerability in IBM Java affects IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2020-14621)
12 Nov 202015:41
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i - July 2020.
10 Feb 202116:26
ibm
Rows per page
# Copyright (C) 2020 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.883271");
  script_version("2023-10-20T16:09:12+0000");
  script_cve_id("CVE-2020-14556", "CVE-2020-14562", "CVE-2020-14573", "CVE-2020-14577", "CVE-2020-14583", "CVE-2020-14593", "CVE-2020-14621");
  script_tag(name:"cvss_base", value:"5.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_tag(name:"last_modification", value:"2023-10-20 16:09:12 +0000 (Fri, 20 Oct 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-11-10 16:15:00 +0000 (Tue, 10 Nov 2020)");
  script_tag(name:"creation_date", value:"2020-08-08 03:00:56 +0000 (Sat, 08 Aug 2020)");
  script_name("CentOS: Security Advisory for java-11-openjdk (CESA-2020:2969)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS7");

  script_xref(name:"CESA", value:"2020:2969");
  script_xref(name:"URL", value:"https://lists.centos.org/pipermail/centos-announce/2020-August/035791.html");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'java-11-openjdk'
  package(s) announced via the CESA-2020:2969 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"The java-11-openjdk packages provide the OpenJDK 11 Java Runtime
Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

  * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access
(Libraries, 8238920) (CVE-2020-14583)

  * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119)
(CVE-2020-14593)

  * OpenJDK: Incorrect handling of access control context in ForkJoinPool
(Libraries, 8237117) (CVE-2020-14556)

  * OpenJDK: Excessive memory usage in ImageIO TIFF plugin (ImageIO, 8233239)
(CVE-2020-14562)

  * OpenJDK: Incomplete interface type checks in Graal compiler (Hotspot,
8236867) (CVE-2020-14573)

  * OpenJDK: XML validation manipulation due to incomplete application of the
use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621)

  * OpenJDK: HostnameChecker does not ensure X.509 certificate names are in
normalized form (JSSE, 8237592) (CVE-2020-14577)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.");

  script_tag(name:"affected", value:"'java-11-openjdk' package(s) on CentOS 7.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "CentOS7") {

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk", rpm:"java-11-openjdk~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-demo", rpm:"java-11-openjdk-demo~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-devel", rpm:"java-11-openjdk-devel~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-headless", rpm:"java-11-openjdk-headless~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-javadoc", rpm:"java-11-openjdk-javadoc~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-javadoc-zip", rpm:"java-11-openjdk-javadoc-zip~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-jmods", rpm:"java-11-openjdk-jmods~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"java-11-openjdk-src", rpm:"java-11-openjdk-src~11.0.8.10~0.el7_8", rls:"CentOS7"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation