SUSE-SU-2022:2898-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 bsc1202427: - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets bsc1201684. - CVE-2022-21549: Fixed an...

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2022:2856-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2856-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

OESA-2022-1849 openjdk-11 security update

The OpenJDK runtime environment. Security Fixes: The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. T...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2022:2707-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2707-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

CLSA-2022-1659643853 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-34169, CVE-2022-21540, CVE-2022-21541

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-34169, CVE-2022-21540

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

USN-5546-2: OpenJDK 8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

SUSE SLED15 / SLES15 Security Update : java-17-openjdk (SUSE-SU-2022:2660-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2660-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

CentOS: Security Advisory for java-11-openjdk (CESA-2022:5687)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

java security update

CentOS Errata and Security Advisory CESA-2022:5698 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

java security update

CentOS Errata and Security Advisory CESA-2022:5687 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x i686/x86_64 (2022:5698)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5698-1 advisory. - OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 - OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 -...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2022:2610-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2610-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

RHEL 9 : java-17-openjdk (RHSA-2022:5736)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5736 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...