47 matches found
MGASA-2022-0435 Updated java packages fix security vulnerability
Class compilation issue. CVE-2022-21540 Improper restriction of MethodHandle.invokeBasic. CVE-2022-21541 Integer truncation issue in Xalan-J. CVE-2022-34169 Improper MultiByte conversion can lead to buffer overflow. CVE-2022-21618 Improper handling of long NTLM client hostnames. CVE-2022-21619...
SUSE-SU-2022:2707-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance MethodHandle invocations bsc1201692 - CVE-2022-34169: Improve Xalan supports bsc1201684...
SUSE-SU-2022:2660-1 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.4+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance MethodHandle invocations bsc1201692 - CVE-2022-34169: Improve Xalan supports bsc1201684 - CVE-2022-21549:...
OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to...
SUSE: Security Advisory (SUSE-SU-2016:0957-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Java Applet Method Handle Remote Code Execution (CVE-2012-5088)
A code execution vulnerability has been reported in Oracle's Java and JRE. The vulnerability is due to improper use of the Method Handle class. A remote attacker may exploit this issue by enticing a target user to open a specially crafted Java applet which can enable an attacker to execute...
SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2012-1)
This update for java-180-openjdk fixes the following issues : - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25 : - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 -...
openSUSE Security Update : OpenJDK7 (openSUSE-2016-982)
Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domains under Javax custom policy - S8148872, CVE-2016-3500:...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-977)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: - Update to 2.6.7 - OpenJDK 7u111 Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domai...
Security update for java-1_8_0-openjdk (important)
This update for java-180-openjdk fixes the following issues: - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25: Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 -...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: - Update to 2.6.7 - OpenJDK 7u111 Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domai...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-944)
This update for java-180-openjdk fixes the following issues : - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25 : - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking boo989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only boo989734 -...
jre7-openjdk-headless: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jre7-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jdk7-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jdk8-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jre8-openjdk-headless: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jre8-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...