ALBA-2021:5232 java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: While in FIPS mode, the NSS Software Token does not allow the import of private or secret plain keys. This caused the OpenJDK keytool...

RLSA-2021:4135 Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation Libraries, 8266689 CVE-2021-35567 OpenJDK: Excessive memory allocation i...

ALBA-2021:3888 java-1.8.0-openjdk bug fix and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: EMBARGOED java-1.8.0-openjdk: JDK: Oracle CPU 2021-10 BZ2012338...

java-1.8.0-openjdk bug fix and enhancement update

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: java-11-openjdk: JDK: Oracle CPU 2021-10 BZ2012334...

java-11-openjdk bug fix and enhancement update

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...

RLSA-2021:3891 Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using Kerberos...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager CVE-2021-2388, CVE-2021-2369, CVE-2021-2432, CVE-2021-2341.

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v3.9, v4.1 and v4.2 which was disclosed in the Oracle July 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the...

The vulnerability of the Java Runtime Environment (JRE) component in Java SE software platforms allows attackers to execute arbitrary code.

The vulnerability of the Java Runtime Environment JRE component in Java SE programming platforms is related to the bypassing of security functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created applet...

VulnCheck KEV: CVE-2013-2471

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to...

VulnCheck KEV: CVE-2013-2460

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from...

java security update

CentOS Errata and Security Advisory CESA-2021:2845 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

Important: Red Hat Security Advisory: OpenJDK 11.0.12 Security Update for Windows Builds

The Red Hat Build of OpenJDK 11 java-11-openjdk is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Security Bulletin: Vulnerability in SSLv3 affects FileNet Content Manager, FileNet BPM and IBM Content Foundation (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is a configurable option in FileNet Content Manager and FileNet BPM products. If using SSLv3 with these products, please refer to the sections below to...

Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS) Vulnerability

Exploit Title: Apache Tomcat 9.0.0.M1 - Cross-Site Scripting XSS Exploit Author: Central InfoSec Version: Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 CVE : CVE-2019-0221 Requirements: SSI support must be enabled within Apache Tomcat. SSI support is not enabled by...

Security Bulletin:Eclipse OpenJ9 could allow a local attacker to gain elevated privileges on the system and The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java does not protect against CVE-2018-1656 and CVE-2018-12539

Summary The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java DTFJ IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882. And Eclipse OpenJ9 could allow a local attacker t...

Security Bulletin: IBM MQ is vulnerable to multiple issues with the IBM® Runtime Environment Java™ Technology Edition shipped with IBM MQ. (CVE-2020-14781, CVE-2020-14782).

Summary Multiple issues were identified in the IBM® Runtime Environment Java™ Technology Edition shipped with IBM MQ. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain...

java-1.8.0-openjdk bug fix and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: Prepare for the next quarterly OpenJDK upstream release 2021-04, 8u292 almalinux-8 BZ1942308 EMBARGOED java-1.8.0-openjdk: JDK: Oracle CPU...

java-11-openjdk bug fix and enhancement update

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: Prepare for the next quarterly OpenJDK upstream release 2021-04, 11.0.11 almalinux-8 BZ1942311 java-11-openjdk: JDK: Oracle CPU 2021-04 BZ1943...