Ubuntu: Security Advisory (USN-7484-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7483-1: OpenJDK 21 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 21 incorrectly handled compiler transformations. An...

USN-7481-1: OpenJDK 11 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 11 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 11 incorrectly handled compiler transformations. An...

USN-7480-1: OpenJDK 8 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An...

USN-7480-1 openjdk-8 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An...

USN-7346-3 opensc vulnerabilities

USN-7346-1 fixed vulnerabilities in OpenSC. The update introduced a regression which broke smartcard based authentication. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenSC did not correctly handle certain memory operations...

June 20, 2024—KB5041054 (OS Build 20348.2529) Out-of-band

June 20, 2024—KB5041054 OS Build 20348.2529 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to fin...

Updated java 1.8.0, 11 & latest packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Array out-of-bounds access due to missing range check in C1 compiler. CVE-2024-20918 RSA padding issue and timing side-channel attack against TLS. CVE-2024-20952 Arbitrary Java code execution in Nashorn. CVE-2024-20926 JVM class file verifier fla...

Mageia: Security Advisory (MGASA-2024-0061)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0847-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS 8317547 bsc1218911. - CVE-2024-20921: Fixed range check loop optimization issue 8314307 bsc1218905. - CVE-2024-20926: Fixed rbitrary Java code executio...

openSUSE Security Advisory (SUSE-SU-2024:0325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0619-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: bsc1219843 Security fixes: - CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library bsc1219843. - CVE-2024-20932: Fixed incorrect handling of ZIP files...

SUSE-SU-2024:0605-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: bsc1219843 Security fixes: - CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library bsc1219843. - CVE-2024-20932: Fixed incorrect handling of ZIP files...

SUSE: Security Advisory (SUSE-SU-2024:0325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0325-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Updated to version 17.0.10 January 2024 CPU: - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check bsc1218907. - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier...

java-1.8.0-openjdk: Fix of 8 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop...

SUSE-SU-2024:0203-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 January 2024 CPU: - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check bsc1218907. - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier...

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of...

OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

Important: Red Hat Security Advisory: java-21-openjdk security update

An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...