466 matches found
SUSE-SU-2023:0437-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Updated to version jdk8u362 icedtea-3.26.0: - CVE-2023-21830: Fixed improper restrictions in CORBA deserialization bsc1207249. - CVE-2023-21843: Fixed soundbank URL remote loading bsc1207248...
SUSE-SU-2023:0436-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: - CVE-2023-21843: Fixed soundbank URL remote loading bsc1207248. - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections bsc1207246...
SUSE CVE-2008-5355
The "Java Update" feature for Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to execute arbitrary code v...
SUSE CVE-2009-3864
The Java Update functionality in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabiliti...
SUSE CVE-2010-4451
Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install...
SUSE CVE-2013-1484
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
SUSE-SU-2023:0375-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: IBM Security Update November 2022: bsc1205302, bsc1204703 - CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20, adding the reference here...
DSA-5323-1 libitext5-java - security update
Bulletin has no description...
SUSE-SU-2022:4290-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition bsc1204471. - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can...
CLSA-2022-1669309108 Fix CVE(s): CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619
Backport upstream releases 8u352 to 16.04 LTS Security fixes in 8u352: - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526, CVE-2022-21619: Improve NTLM support...
SUSE: Security Advisory (SUSE-SU-2022:4166-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3880-1 Security update for spacewalk-java
This update for spacewalk-java fixes the following issues: - CVE-2022-31255: Fix directory path traversal vulnerability bsc1204543 - CVE-2022-43754: Fix reflected cross site scripting vulnerability bsc1204741 - CVE-2022-43753: Fix arbitrary file disclosure vulnerability bsc1204716...
SUSE-SU-2022:2949-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: - Updated to Java 8.0 Service Refresh 7 Fix Pack 11 bsc1202427: - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets bsc1201684. - CVE-2022-21549: Fixed an...
SUSE-SU-2022:2898-1 Security update for java-1_7_1-ibm
This update for java-171-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 bsc1202427: - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets bsc1201684. - CVE-2022-21549: Fixed an...
SUSE-SU-2022:2856-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: - Updated to version jdk8u345 icedtea-3.24.0 - CVE-2022-21540: Fixed a potential Java sandbox bypass bsc1201694. - CVE-2022-21541: Fixed a potential Java sandbox bypass bsc1201692. - CVE-2022-34169: Fixed an issue where arbitrary byteco...
SUSE-SU-2022:2819-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: - Updated to version jdk8u345 icedtea-3.24.0 - CVE-2022-21540: Fixed a potential Java sandbox bypass bsc1201694. - CVE-2022-21541: Fixed a potential Java sandbox bypass bsc1201692. - CVE-2022-34169: Fixed an issue where arbitrary byteco...
SUSE-SU-2022:2650-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 7 Fix Pack 10 bsc1201643 - CVE-2022-21476 bsc1198671, CVE-2022-21449 bsc1198670, CVE-2022-21496 bsc1198673, CVE-2022-21434 bsc1198674, CVE-2022-21426 bsc1198672, CVE-2022-21443 bsc1198675, CVE-2021-35561...
SUSE-SU-2022:2539-1 Security update for java-1_7_1-ibm
This update for java-171-ibm fixes the following issues: Update to Java 7.1 Service Refresh 5 Fix Pack 10 bsc1201643, including fixes for: - CVE-2022-21476 bsc1198671, CVE-2022-21449 bsc1198670, CVE-2022-21496 bsc1198673, CVE-2022-21434 bsc1198674, CVE-2022-21426 bsc1198672, CVE-2022-21443...
SUSE-SU-2022:2530-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u332 - April 2022 CPU icedtea-3.23.0 - CVE-2022-21426: Better XPath expression handling bsc1198672 - CVE-2022-21443: Improved Object Identification bsc1198675 - CVE-2022-21434: Better invocation handler handling...
CLSA-2022-1654174749 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler -...