Debian DLA-1418-1 : bouncycastle security update

Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338 DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have...

USN-3691-1: OpenJDK 7 vulnerabilities

It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. CVE-2018-2790 Francesc...

[SECURITY] Fedora 28 Update: bouncycastle-1.59-1.fc28

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8...

CVE-2017-3202

The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitrary Java Beans setter methods. The ability to exploit this vulnerability...

Important: Red Hat Security Advisory: rh-java-common-xmlrpc security update

An update for rh-java-common-xmlrpc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CentOS 7 : xmlrpc (CESA-2018:1780)

An update for xmlrpc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

[SECURITY] Fedora 28 Update: xmlrpc-3.1.3-20.fc28

Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Apache XML-RPC was previously known as Helma XML-RPC. If you have code using the Helma library, all you should have to do is change the import statements in your cod...

CentOS Update for xmlrpc-client CESA-2018:1780 centos7

Check the version of xmlrpc-client SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882909";...

Oracle Linux 6 : xmlrpc3 (ELSA-2018-1779)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1779 advisory. - Related: CVE-2016-5003 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...

[SECURITY] Fedora 25 Update: jetty-alpn-8.1.11-2.v20170118.fc25

A pure JavaTM implementation of the Application Layer Protocol Negotiation TLS Extension...

[SECURITY] Fedora 24 Update: bouncycastle-1.52-9.fc24

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment including the newly released J2ME with the additional infrastructure to conform the algorithms to the JCE...

DLA-451-1 openjdk-7 - security update

Bulletin has no description...

[SECURITY] Fedora 22 Update: bouncycastle-1.50-8.fc22

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment including the newly released J2ME with the additional infrastructure to conform the algorithms to the JCE...

[SECURITY] Fedora 21 Update: eclipse-jgit-3.5.3-1.fc21

A pure Java implementation of the Git version control system...

[SECURITY] Fedora 21 Update: wss4j-1.6.17-1.fc21

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services...

opera web browser 7.54 java implementation Multiple Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation. These issues may...

opera web browser 7.54 java implementation Multiple Vulnerabilities (4)

No description provided by source. source: http://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation. These issues may...

opera web browser 7.54 java implementation Multiple Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation. These issues may...

Java: XML signature spoofing

A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via ...

[SECURITY] Fedora 19 Update: wss4j-1.6.10-1.fc19

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services...