java security update

CentOS Errata and Security Advisory CESA-2017:0061 An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

DEBIAN-CVE-2016-8646

The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data...

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-759)

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. CVE-2016-558...

OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2016:2079)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

CVE-2016-5542

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

Vulnerabilities in MD5 Signature and Hash Algorithm and TLS 1.2 affects sendmail imap and pop3d on AIX,Vulnerabilities in MD5 Signature and Hash Algorithm and TLS 1.2 affects sendmail imap and pop3d on AIX,Vulnerabilities in MD5 Signature and Hash Algorithm and TLS 1.2 affects sendmail imap and pop3d on VIOS,Vulnerabilities in MD5 Signature and Hash Algorithm and TLS 1.2 affects sendmail imap pop3d ftp/ftpd and ndpd-host/ndpd-router on AIX

nettcpadvisory2.asc: Version 4 Version 4 Issued: Thu Oct 20 10:56:28 CDT 2016 Version 4 Changes: New iFixes provided for AIX 5.3.12.9, 6.1.9.5, 6.1.9.6, 7.1.3.5, and 7.1.3.6. For security reasons, it is highly recommended to install these new iFixes. Bulletin scope increased to include ftp/ftpd a...

CVE-2016-4511

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

CVE-2016-4511

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

Design/Logic Flaw

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

CVE-2016-4511

CVE-2016-4511 concerns ABB PCM600 prior to version 2.7, where the main application password stored in ACTConfig is hashed with a weak function. This enables local attackers with read access to ACTConfig to obtain sensitive cleartext information. The vulnerability is described as a password hash/i...

CVE-2016-4511

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-643) (SLOTH)

An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox...

Critical: Red Hat Security Advisory: java-1.7.0-ibm security update

Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Critical: Red Hat Security Advisory: java-1.6.0-ibm security update

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CentOS Update for java CESA-2016:0050 centos6

Check the version of java SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882370";...

RedHat Update for java-1.7.0-openjdk RHSA-2016:0053-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL7.x i386/x86_64 (20160121) (SLOTH)

An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox...

Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0054)

The remote Oracle Linux 5 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0054 advisory. 1.7.0.95-2.6.4.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.95-2.6.4.0 - Bump to 2.6.4 and u95b00. - Backport tarball creation script from OpenJDK...